robert at linuxfromscratch.org
Mon Mar 26 18:12:36 PDT 2007
Hi. It looks like adding MUDFLAP_OPTIONS to unsecvars.h in Glibc works
perfectly at keeping anyone, including root, from setting MUDFLAP_OPTIONS on
an suid program.
Now I'm looking at gcc-4.1.2/libmudflap/mf-runtime.c, around line 300, at the
__mf_set_default_options function, to change this:
    __mf_opts.violation_mode = viol_nop;
    __mf_opts.violation_mode = viol_abort;
so the default is to abort, instead of doing nothing.
Mudflap isn't meant as a security aid, but I think it's better than not using
it at all. I'd like to also add a syslog function to libmudflap to report on
suid 0 aborts. Can any of you think of anything I'm not considering with
this, like another backdoor to mudflap?
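
Added example, not part of the original message and not glibc or libmudflap source: a simplified C model of the two changes discussed above, where a variable on an unsecvars-style list is dropped for set-id processes and the violation mode defaults to abort. The function and enum names are hypothetical, and the uid/gid comparison is an assumed stand-in for the loader's own secure-mode test.

```c
#define _POSIX_C_SOURCE 200112L
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* Hypothetical names; models the behaviour only. */
enum viol_mode { VIOL_NOP, VIOL_ABORT };

/* Stand-in for the unsecvars.h list: variables dropped for set-id programs. */
static const char *const unsecure_vars[] = { "MUDFLAP_OPTIONS", NULL };

/* Assumption: real/effective id mismatch approximates the loader's secure mode. */
int process_is_setid(void)
{
    return getuid() != geteuid() || getgid() != getegid();
}

/* Remove every listed variable when in secure mode; returns how many were removed. */
int scrub_unsecure_env(int secure)
{
    int removed = 0;
    if (!secure)
        return 0;
    for (size_t i = 0; unsecure_vars[i] != NULL; i++) {
        if (getenv(unsecure_vars[i]) != NULL && unsetenv(unsecure_vars[i]) == 0)
            removed++;
    }
    return removed;
}

/* Default to abort; honour the environment only if it survived scrubbing. */
enum viol_mode resolve_violation_mode(int secure)
{
    enum viol_mode mode = VIOL_ABORT;
    const char *opts;

    scrub_unsecure_env(secure);
    opts = getenv("MUDFLAP_OPTIONS");
    if (opts != NULL && strstr(opts, "-viol-nop") != NULL)
        mode = VIOL_NOP;
    return mode;
}

int main(void)
{
    enum viol_mode m = resolve_violation_mode(process_is_setid());
    printf("violation mode: %s\n", m == VIOL_ABORT ? "abort" : "nop");
    return 0;
}
```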