Re: [ANNOUNCE] Release Digsig 1.5: kernel module for run-time authentication of binaries


On 4/25/06, Axelle Apvrille <[email protected]> wrote:
> 1- "does this also prevent people writing their own
> elf loader in a bit of perl and just mmap the code"
>
> I'm not sure I understand exactly what you mean:
>
> - if you mean writing an application able to read &
> 'interpret' an ELF executable: again, I think DigSig
> will prevent this, because when you mmap the code,
> this calls (at kernel level) do_mmap which triggers an
> LSM hook called file_mmap. And we implement checks in
> that hook...
>
> - if you mean modifying the ELF loader so that do_mmap
> / file_mmap aren't called, well you'll need to hack
> the kernel, won't you?
>
> - finally, note you also have the choice not to sign this
> elf loader of yours. If it isn't signed, it won't ever
> run ;-)

No, there is no problem writing a loader.  All you need is to create
anonymous mappings.  Via mmap, maybe on the stack, some heaps are
still executable.  Then you load the code, fix it up for the address,
and be done.  The kernel cannot and will not prevent a read(2) call on
the binary.  That's all that's needed.  And without the SELinux
support in place you cannot prevent non-exec memory creation and even
then, some people need it (jvms, OpenGL libs, etc) to generate code on
the fly.  So it's never completely ruled out.  Again, look at the code
in http://people.redhat.com/drepper/selinux-mem.html.

Given you have executable anonymous memory it is a one-time small
effort to write a loader and you're done.  Nothing your signature
detection code can do about it.  This is snake oil.
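
Added example, not part of the original message or of DigSig: the reply's point is that executable memory with no backing file never reaches a check placed in the file mmap hook. This Python script audits a `/proc/<pid>/maps` listing for such regions, so a defender can see which processes hold them; the sample listing and the function name are constructed for illustration.

```python
import re

# Fields of a /proc/<pid>/maps line: range, perms, offset, dev, inode, path.
MAPS_RE = re.compile(
    r"^([0-9a-f]+)-([0-9a-f]+)\s+([r-][w-][x-][ps])\s+[0-9a-f]+\s+"
    r"[0-9a-f]+:[0-9a-f]+\s+(\d+)\s*(.*)$"
)
# Executable pseudo-mappings the kernel itself provides to every process.
KERNEL_PSEUDO = {"[vdso]", "[vsyscall]"}

# Constructed sample listing (not taken from a real process).
SAMPLE_MAPS = """\
00400000-0040b000 r-xp 00000000 08:01 1311 /bin/cat
0060a000-0060b000 rw-p 0000a000 08:01 1311 /bin/cat
01c3e000-01c5f000 rwxp 00000000 00:00 0 [heap]
7f3a10000000-7f3a10021000 rwxp 00000000 00:00 0
7f3a12a00000-7f3a12bc0000 r-xp 00000000 08:01 2210 /lib/libc-2.3.6.so
7f3a12dd0000-7f3a12dd4000 rw-p 00000000 00:00 0
7ffc1a2b0000-7ffc1a2d1000 rwxp 00000000 00:00 0 [stack]
7ffc1a3f0000-7ffc1a3f2000 r-xp 00000000 00:00 0 [vdso]
"""


def unbacked_exec_regions(maps_text):
    """Return executable regions that have no backing file (inode 0)."""
    findings = []
    for line in maps_text.splitlines():
        m = MAPS_RE.match(line.strip())
        if not m:
            continue
        start, end, perms, inode, path = m.groups()
        path = path.strip()
        # Skip non-executable, file-backed, and kernel-provided regions.
        if "x" not in perms or int(inode) != 0 or path in KERNEL_PSEUDO:
            continue
        findings.append({
            "label": path or "[anon]",
            "start": int(start, 16),
            "size": int(end, 16) - int(start, 16),
            "writable": "w" in perms,  # W+X: code can be written, then run
        })
    return findings


if __name__ == "__main__":
    for f in unbacked_exec_regions(SAMPLE_MAPS):
        mode = "W+X" if f["writable"] else "X"
        print(f"{f['start']:#x} {f['size']:>8} bytes {mode} {f['label']}")
```

Regions reported here are the ones a memory-protection policy such as the SELinux checks referenced in the message is meant to restrict; JIT-based programs like the JVMs mentioned above will show up legitimately.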