oss-sec mailing list archives

Re: libdbus hardening


From: Solar Designer <solar () openwall com>
Date: Tue, 10 Jul 2012 18:34:58 +0400

On Tue, Jul 10, 2012 at 04:30:44PM +0200, Sebastian Krahmer wrote:
> On Tue, Jul 10, 2012 at 06:22:28PM +0400, Solar Designer wrote:
> > If this is not for upstream and you only need it working on a particular
> > distro with glibc, then why not use __secure_getenv()?
>
> Indeed, if it is an exported symbol on the glibc versions we ship,
> we should consider this. I remember a discussion that it was somehow
> not available in the past.

That was about __libc_enable_secure.  I'm not sure if the same applies
to __secure_getenv() or not.  In Owl and ALT Linux, both are available
for apps.  You could/should make your glibc export these, too.

http://www.openwall.com/lists/oss-security/2011/05/16/11

Alexander
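Added example, not part of the original message and not libdbus or glibc code: a fallback a library could use on a glibc that does not export `__secure_getenv()`, returning NULL for every variable when the process runs in secure-execution mode. The function names and the variable `EXAMPLE_BUS_ADDRESS` are hypothetical; it assumes Linux with glibc 2.16 or later for `getauxval()`.

```c
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <sys/types.h>
#include <sys/auxv.h>   /* getauxval(), AT_SECURE */

/* Pure decision logic, inputs passed explicitly so it can be checked
 * without a setuid binary. AT_SECURE is set by the kernel for setuid,
 * setgid and file-capability executables; the id comparisons are a
 * weaker backstop that only catches the setuid/setgid cases. */
int env_untrusted(unsigned long at_secure,
                  uid_t ruid, uid_t euid, gid_t rgid, gid_t egid)
{
    return at_secure != 0 || ruid != euid || rgid != egid;
}

/* Same decision, evaluated for the current process. */
int process_env_untrusted(void)
{
    return env_untrusted(getauxval(AT_SECURE),
                         getuid(), geteuid(), getgid(), getegid());
}

/* Hypothetical wrapper: behaves like getenv() in a normal process and
 * returns NULL when the environment comes from a less privileged caller. */
const char *hardened_getenv(const char *name)
{
    if (name == NULL || process_env_untrusted())
        return NULL;
    return getenv(name);
}

int main(void)
{
    /* EXAMPLE_BUS_ADDRESS is a constructed name for illustration. */
    const char *v = hardened_getenv("EXAMPLE_BUS_ADDRESS");
    printf("secure mode: %d, value: %s\n",
           process_env_untrusted(), v ? v : "(ignored or unset)");
    return 0;
}
```

The check must run at the point of use rather than being cached from before a privilege change, since the real and effective ids can differ later in the process lifetime.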

