Re: caps in elf, next iteration (the hack gets bigger)

David L. Parsley (kparse@salem.k12.va.us)
Fri, 9 Apr 1999 20:15:42 -0400 (EDT)


On Fri, 9 Apr 1999, Albert D. Cahalan wrote:

> Ulrich Drepper writes:
> > What should be done instead is registering an OS ABI and an ABI
> > version. The draft for the ELF standard revision defines bytes 7 and
> > 8 of the ELF header for this purpose. This information is as easy to
> > read as the signature in the first four bytes.
>
> Great, but only if existing kernels check the version.
> If not, there would be a huge security hole.
>
> I expect that the header must be mangled, unless you have some other
> way to stop old (unpatched) kernels from running the executable.

Hrm, why prevent execution by older kernels, if it would just fall back on
older setuid root behavior?

> As you may have guessed (by the tack-it-on-the-end hack), ELF format
> knowledge is surprisingly hard to find. Help is welcome. I and several
> other people will be abusing the format this weekend.

Cool. I can't wait to start patching. ;-)

--
David L. Parsley
Network Specialist
City of Salem Schools
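
Added example, not part of the original thread: C code contrasting a loader that checks only the four-byte ELF signature with one that also checks bytes 7 and 8 of the header, the point of the quoted exchange about unpatched kernels. The function names, the constructed sample headers, and the use of ABI version 1 to mean "needs newer-kernel handling" are assumptions for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Offsets into the ELF identification bytes; 7 and 8 are the bytes
 * named in the thread (OS ABI and ABI version). */
enum { ID_OSABI = 7, ID_ABIVERSION = 8, ID_SIZE = 16 };

enum verdict { ACCEPT = 0, REJECT_NOT_ELF, REJECT_OSABI, REJECT_ABIVERSION };

/* Loader that looks only at the signature: the "old kernel" case. */
enum verdict load_magic_only(const unsigned char *hdr, size_t len)
{
    if (len < ID_SIZE || memcmp(hdr, "\177ELF", 4) != 0)
        return REJECT_NOT_ELF;
    return ACCEPT;
}

/* Loader that also compares bytes 7 and 8 with what it supports. */
enum verdict load_abi_checked(const unsigned char *hdr, size_t len,
                              unsigned char osabi, unsigned char max_abiversion)
{
    enum verdict v = load_magic_only(hdr, len);
    if (v != ACCEPT)
        return v;
    if (hdr[ID_OSABI] != osabi)
        return REJECT_OSABI;
    if (hdr[ID_ABIVERSION] > max_abiversion)
        return REJECT_ABIVERSION;
    return ACCEPT;
}

/* Constructed headers: identical except for byte 8 (ABI version).
 * Version 1 is a hypothetical marker, not a registered value. */
const unsigned char hdr_plain[ID_SIZE]  = { 0x7f, 'E', 'L', 'F', 1, 1, 1, 0, 0 };
const unsigned char hdr_newabi[ID_SIZE] = { 0x7f, 'E', 'L', 'F', 1, 1, 1, 0, 1 };

int main(void)
{
    /* The signature-only loader cannot tell the two files apart. */
    printf("magic-only, marked file:  %d\n",
           load_magic_only(hdr_newabi, sizeof hdr_newabi));
    /* A loader that supports only ABI version 0 refuses the marked file. */
    printf("abi-checked, marked file: %d\n",
           load_abi_checked(hdr_newabi, sizeof hdr_newabi, 0, 0));
    return 0;
}
```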
