On 2023-04-20 05:06, Cristian Rodríguez via Libc-alpha wrote:
Exactly, my understanding is that it is a futile exercise ..if one
sufficient privilege at that stage one can do whatever is desired.. why
even bother messing with the standard fds..
Making stdin unreadable is not meant to thwart a
On 20/04/23 09:06, Cristian Rodríguez wrote:
>
>
> On Thu, Apr 20, 2023 at 7:47 AM Adhemerval Zanella Netto
> mailto:adhemerval.zane...@linaro.org>> wrote:
>
>
>
>
> I am not really sure how effective is this hardening, it seems more a
> development one to enforce that system daem
On Thu, Apr 20, 2023 at 7:47 AM Adhemerval Zanella Netto <
adhemerval.zane...@linaro.org> wrote:
>
>
>
> I am not really sure how effective is this hardening, it seems more a
> development one to enforce that system daemon are spawned correctly.
>
Exactly, my understanding is that it is a futile
On 19/04/23 18:16, Sergey Bugaev wrote:
> On Wed, Apr 19, 2023 at 11:45 PM Adhemerval Zanella Netto
is this really needed now? playing silly games with this fds will always
result in silly prices.
>>
>> My understanding of this code is to enforce that on setuid program with
>> stdin/s
On Wed, Apr 19, 2023 at 11:45 PM Adhemerval Zanella Netto
wrote:
> > I might be missing something, but why statically linked only? I don't
> > see anything like that in elf/Makefile (but maybe I don't know where
> > to look, please tell me!), and also the same behavior is certainly
> > exhibited b
On 19/04/23 16:40, Sergey Bugaev wrote:
> On Wed, Apr 19, 2023, 22:13 Cristian Rodríguez
> wrote:
>> Im a little bit lost on what it was supposed to do in this old form.. as
>> the open flags are all wrong..
>>
>> Changelog says:
>>
>> (__libc_check_standard_fds): Reverse modes so that comm
On Wed, Apr 19, 2023, 22:13 Cristian Rodríguez wrote:
> Im a little bit lost on what it was supposed to do in this old form.. as the
> open flags are all wrong..
>
> Changelog says:
>
> (__libc_check_standard_fds): Reverse modes so that common operations on
> the descriptors fail.
>
> S
On Wed, Apr 19, 2023 at 12:02 PM Sergey Bugaev wrote:
> stdin is supposed to be readable, stdout and stderr writable. Otherwise,
> we get this:
>
> index de6dd716..ca4812cd 100644
> --- a/csu/check_fds.c
> +++ b/csu/check_fds.c
> @@ -90,7 +90,7 @@ __libc_check_standard_fds (void)
> is reall
