Bug#963508: /lib/ld-linux.so.2: LD_PRELOAD breaks with plain filename [and 1 more messages]

To: Aurelien Jarno <aurelien@aurel32.net>
Cc: Ian Jackson <ijackson@chiark.greenend.org.uk>, 963508@bugs.debian.org, Colin Watson <cjwatson@debian.org>
Subject: Bug#963508: /lib/ld-linux.so.2: LD_PRELOAD breaks with plain filename [and 1 more messages]
From: Florian Weimer <fweimer@redhat.com>
Date: Wed, 24 Jun 2020 12:47:41 +0200
Message-id: <[🔎] 87sgekd9ki.fsf@oldenburg2.str.redhat.com>
Reply-to: Florian Weimer <fweimer@redhat.com>, 963508@bugs.debian.org
In-reply-to: <[🔎] 20200623152453.GB287302@aurel32.net> (Aurelien Jarno's message of "Tue, 23 Jun 2020 17:24:53 +0200")
References: <[🔎] 159284881159.3577.15577493642137212642.reportbug@zealot.relativity.greenend.org.uk> <[🔎] 20200622211851.GA8215@aurel32.net> <[🔎] 24305.56738.393752.772285@chiark.greenend.org.uk> <[🔎] 20200623110445.GB8215@aurel32.net> <[🔎] 24305.58815.453992.540855@chiark.greenend.org.uk> <[🔎] 20200623130403.GA287302@aurel32.net> <[🔎] 24306.256.917475.620133@chiark.greenend.org.uk> <[🔎] 159284881159.3577.15577493642137212642.reportbug@zealot.relativity.greenend.org.uk> <[🔎] 20200623152453.GB287302@aurel32.net> <[🔎] 159284881159.3577.15577493642137212642.reportbug@zealot.relativity.greenend.org.uk>

* Aurelien Jarno:

>> This doesn't seem correct to me.  Is there any documentation giving a
>> rationale for this ?  Is there a way to change this locally ?
>
> I do not know enough about apparmor and its threat model to know if it
> should be considered or not. From the glibc point of view, nothing can
> be really done, it just obeys the AT_SECURE flag passed by the kernel.
>
> Now looking at apparmor.d(5), it seems it *might* be controlled by the
> change_profile option with the safe and unsafe mode. But I don't speak
> apparmor fluently enough to actually know how to introduce that option
> in a profile.

I think LSMs can nowadays also express security transitions that trust
the execution environment, that is, that they add more restrictions
instead of increasing privileges.  I believe we use this with SELinux,
so that these transitions to do not cause AT_SECURE to be set.  Maybe
this is something that apparmor could do as well?

Thanks,
Florian

Reply to:

References:
- Bug#963508: /lib/ld-linux.so.2: LD_PRELOAD breaks with plain filename
  - From: Ian Jackson <ijackson@chiark.greenend.org.uk>
- Bug#963508: /lib/ld-linux.so.2: LD_PRELOAD breaks with plain filename
  - From: Aurelien Jarno <aurelien@aurel32.net>
- Bug#963508: /lib/ld-linux.so.2: LD_PRELOAD breaks with plain filename
  - From: Ian Jackson <ijackson@chiark.greenend.org.uk>
- Bug#963508: /lib/ld-linux.so.2: LD_PRELOAD breaks with plain filename
  - From: Aurelien Jarno <aurelien@aurel32.net>
- Bug#963508: /lib/ld-linux.so.2: LD_PRELOAD breaks with plain filename
  - From: Ian Jackson <ijackson@chiark.greenend.org.uk>
- Bug#963508: /lib/ld-linux.so.2: LD_PRELOAD breaks with plain filename
  - From: Aurelien Jarno <aurelien@aurel32.net>
- Bug#963508: /lib/ld-linux.so.2: LD_PRELOAD breaks with plain filename [and 1 more messages]
  - From: Ian Jackson <ijackson@chiark.greenend.org.uk>
- Bug#963508: /lib/ld-linux.so.2: LD_PRELOAD breaks with plain filename [and 1 more messages]
  - From: Aurelien Jarno <aurelien@aurel32.net>

Prev by Date: Bug#963508: /lib/ld-linux.so.2: LD_PRELOAD breaks with plain filename [and 1 more messages]
Next by Date: Re: [RFC PATCH v4 1/2] configure: Remove --enable-obsolete-nsl
Previous by thread: Bug#963508: /lib/ld-linux.so.2: LD_PRELOAD breaks with plain filename [and 1 more messages]
Next by thread: Upcoming oldstable point release (9.13)
Index(es):
- Date
- Thread