Re: 2.2.0 SECURITY

Jeremy Fitzhardinge (jeremy@goop.org)
Wed, 27 Jan 1999 00:33:11 -0800 (PST)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Tom Holroyd: "ldd & pmd"
Previous message: Jason Flynn: "PCI interrupt sharing problem (2.0 -> 2.2)"
In reply to: Tom Holroyd: "ldd & pmd"
Next in thread: Raul Miller: "Re: 2.2.0 SECURITY"

On 27-Jan-99 David S. Miller wrote:
> What it should be doing is:
>
> 1) Exec'ing /lib/ld-linux.so.2
> 2) That reads in the ELF header of the core file
> 3) Next it mmap's all of the segments
> 4) Next it jumps into lala-land in on of the final mmaps
> is got, and dies with an illegal instruction on Sparc
>
> I think something hokey is happening at step #4 on Intel if the timing
> is right as the process is being killed...

Certainly the kernel code checks that the ELF file is either ET_EXEC or ET_DYN
(and not ET_CORE). If ld-linux.so is doing a user-space exec, then I guess it
might forget to check the ELF file type and just go and map the segments as it
finds them... but all that means is that you get a strangely shaped address
space. Which means that if people are having problems then it can be
reproduced in some other way.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: Tom Holroyd: "ldd & pmd"
Previous message: Jason Flynn: "PCI interrupt sharing problem (2.0 -> 2.2)"
In reply to: Tom Holroyd: "ldd & pmd"
Next in thread: Raul Miller: "Re: 2.2.0 SECURITY"