format string exploit

Robert Connolly robert at linuxfromscratch.org
Tue Aug 8 13:25:48 PDT 2006


On Tuesday 08 August 2006 13:27, thorsten wrote:
> Ok, I forgot -no-pie, which prevented the shell from being launched. SSP does
> NOT prevent the format string exploit!

Thank you for verifying this.

Libsafe is LGPL. Traditionally libsafe is preloaded, via /etc/ld.so.preload,
which makes it fairly easy to bypass and vulnerable to environment settings.
I'm going to see about adding Libsafe to libc.so so it can't be disabled so
easily. However, if I remember correctly, it causes a few Binutils tests to
fail. Maybe there are alternative libraries to Libsafe too. It would be a
backup to Grsecurity in case Grsecurity is misconfigured or disabled.

robert