Users of setuid library search path please be advised of The GNU C library dynamic linker expands $ORIGIN vulnerability that has been identified.
To view this vulnerability, possible remedies, and others please check out the Security Advisories at Critical Watch (http://criticalwatch.com/support/security-advisories.aspx)
Amplify’d from www.criticalwatch.com
GNU-SA-10/18/2010: The GNU C library dynamic linker expands $ORIGIN in setuid library search path
For security, the dynamic linker does not allow use of $ORIGIN substitution
sequences for set-user and set-group ID programs. For such sequences that
appear within strings specified by DT_RUNPATH dynamic array entries, the
specific search path containing the $ORIGIN sequence is ignored (though other
search paths in the same string are processed). $ORIGIN sequences within a
DT_NEEDED entry or path passed as a parameter to dlopen() are treated as
errors. The same restrictions may be applied to processes that have more than
minimal privileges on systems with installed extended security mechanisms.Read more at www.criticalwatch.com
See this Amp at http://bit.ly/aDvXWM
No comments:
Post a Comment