|
Bugtraq
mailing list archives
Re: Another ld-linux.so problem
From: aleph1 () DFW DFW NET (Aleph One)
Date: Sun, 8 Feb 1998 15:39:10 -0600
On Sat, 7 Feb 1998 carson () TLA ORG wrote:
Yes. SOCKSifying stupid protocols that require binding ports <1024, for
example. Assuming you install libsocks5_sh.so in /usr/lib, you can do:
$ (export LD_PRELOAD=/usr/lib/libsocks5_sh.so; rsh machine.outside.firewall
pwd)
and have it work. This is basically what the runsocks script does.
Another example: installing a library that overides mktemp, tempnam and
other dangerous library functions with more secure ones. So the feature
is indeed useful. The correct behavior should be for the dynamic linker
to give up at the first error. Alternatively you should be able to
configure such libraries via the configuration file instead of an
environment variable. You cant do so now as far as I can tell.
--
Carson Gaspar -- carson () cs columbia edu carson () tla org carson () cugc org
http://www.cs.columbia.edu/~carson/home.html
Queen Trapped in a Butch Body
Aleph One / aleph1 () dfw net
http://underground.org/
KeyID 1024/948FD6B5
Fingerprint EE C9 E8 AA CB AF 09 61 8C 39 EA 47 A8 6A B8 01
 By Date 
By Thread
Current thread:
- Re: CERT Advisory CA-98.04 - NT.WebServers, (continued)
| 
Intro
