diff options
| author | Diego Elio 'Flameeyes' Pettenò <flameeyes@gmail.com> | 2009-07-07 20:51:53 +0200 |
|---|---|---|
| committer | Colin Guthrie <cguthrie@mandriva.org> | 2009-07-16 17:56:00 +0100 |
| commit | abf6dfbc625006f08fb30fef5814d0c7eb57e2ee (patch) | |
| tree | 327aaa084568c7bc7f913947c077caa487824bae | |
| parent | dce6af5fefbcd68d52f6ff42509213406f62c57f (diff) | |
Remove exploitable LD_BIND_NOW hack (CVE-2009-1894).
Instead of trying to re-execute pulseaudio itself with LD_BIND_NOW set,
just find the correct flag for the linker to request immediate bindings
(all ELF files support that option), and use that when linking the daemon.
Reduce the amount of compiled and executed code as well.
| -rw-r--r-- | configure.ac | 6 | ||||
| -rw-r--r-- | src/Makefile.am | 4 | ||||
| -rw-r--r-- | src/daemon/main.c | 22 |
3 files changed, 8 insertions, 24 deletions
diff --git a/configure.ac b/configure.ac index 25cee577..690c2a89 100644 --- a/configure.ac +++ b/configure.ac @@ -114,6 +114,12 @@ CC_CHECK_LDFLAGS([${tmp_ldflag}], [VERSIONING_LDFLAGS='-Wl,-version-script=$(srcdir)/map-file']) AC_SUBST([VERSIONING_LDFLAGS]) +dnl Use immediate (now) bindings; avoids the funky re-call in itself +dnl the -z now syntax is lifted from Sun's linker and works with GNU's too +dnl other linkes might be added later +CC_CHECK_LDFLAGS([-Wl,-z,now], [IMMEDIATE_LDFLAGS="-Wl,-z,now"]) +AC_SUBST([IMMEDIATE_LDFLAGS]) + dnl Check whether to build tests by default (as compile-test) or not AC_ARG_ENABLE([default-build-tests], AS_HELP_STRING([--disable-default-build-tests], [Build test programs only during make check])) diff --git a/src/Makefile.am b/src/Makefile.am index 0d4f53af..413cae1e 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -153,9 +153,9 @@ PREOPEN_LIBS = $(modlibexec_LTLIBRARIES) endif if FORCE_PREOPEN -pulseaudio_LDFLAGS = $(AM_LDFLAGS) $(BINLDFLAGS) -dlpreopen force $(foreach f,$(PREOPEN_LIBS),-dlpreopen $(f)) +pulseaudio_LDFLAGS = $(AM_LDFLAGS) $(BINLDFLAGS) $(IMMEDIATE_LDFLAGS) -dlpreopen force $(foreach f,$(PREOPEN_LIBS),-dlpreopen $(f)) else -pulseaudio_LDFLAGS = $(AM_LDFLAGS) $(BINLDFLAGS) -dlopen force $(foreach f,$(PREOPEN_LIBS),-dlopen $(f)) +pulseaudio_LDFLAGS = $(AM_LDFLAGS) $(BINLDFLAGS) $(IMMEDIATE_LDFLAGS) -dlopen force $(foreach f,$(PREOPEN_LIBS),-dlopen $(f)) endif if HAVE_POLKIT diff --git a/src/daemon/main.c b/src/daemon/main.c index c456e6d1..4499ea34 100644 --- a/src/daemon/main.c +++ b/src/daemon/main.c @@ -399,28 +399,6 @@ int main(int argc, char *argv[]) { pa_log_set_level(PA_LOG_NOTICE); pa_log_set_flags(PA_LOG_COLORS|PA_LOG_PRINT_FILE|PA_LOG_PRINT_LEVEL, PA_LOG_RESET); -#if defined(__linux__) && defined(__OPTIMIZE__) - /* - Disable lazy relocations to make usage of external libraries - more deterministic for our RT threads. We abuse __OPTIMIZE__ as - a check whether we are a debug build or not. - */ - - if (!getenv("LD_BIND_NOW")) { - char *rp; - - /* We have to execute ourselves, because the libc caches the - * value of $LD_BIND_NOW on initialization. */ - - pa_set_env("LD_BIND_NOW", "1"); - - if ((rp = pa_readlink("/proc/self/exe"))) - pa_assert_se(execv(rp, argv) == 0); - else - pa_log_warn("Couldn't read /proc/self/exe, cannot self execute. Running in a chroot()?"); - } -#endif - #ifdef HAVE_GETUID real_root = getuid() == 0; suid_root = !real_root && geteuid() == 0; |