summaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
authorDiego Elio 'Flameeyes' Pettenò <flameeyes@gmail.com>2009-07-07 20:51:53 +0200
committerDiego Elio 'Flameeyes' Pettenò <flameeyes@gmail.com>2009-07-16 15:57:41 +0200
commit84200b423ebfa7e2dad9b1b65f64eac7bf3d2114 (patch)
treea469037503d8dfc78813ba19d3b94f700bb641b1 /src
parentff252cb48d9bd827d262eb2633fecaff47c6fe5c (diff)
Remove exploitable LD_BIND_NOW hack (CVE-2009-1894).
Instead of trying to re-execute pulseaudio itself with LD_BIND_NOW set, just find the correct flag for the linker to request immediate bindings (all ELF files support that option), and use that when linking the daemon. Reduce the amount of compiled and executed code as well.
Diffstat (limited to 'src')
-rw-r--r--src/Makefile.am4
-rw-r--r--src/daemon/main.c22
2 files changed, 2 insertions, 24 deletions
diff --git a/src/Makefile.am b/src/Makefile.am
index 7ebf1f8a..ac627c84 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -183,9 +183,9 @@ PREOPEN_LIBS = $(modlibexec_LTLIBRARIES)
endif
if FORCE_PREOPEN
-pulseaudio_LDFLAGS = $(AM_LDFLAGS) $(BINLDFLAGS) -dlpreopen force $(foreach f,$(PREOPEN_LIBS),-dlpreopen $(f))
+pulseaudio_LDFLAGS = $(AM_LDFLAGS) $(BINLDFLAGS) $(IMMEDIATE_LDFLAGS) -dlpreopen force $(foreach f,$(PREOPEN_LIBS),-dlpreopen $(f))
else
-pulseaudio_LDFLAGS = $(AM_LDFLAGS) $(BINLDFLAGS) -dlopen force $(foreach f,$(PREOPEN_LIBS),-dlopen $(f))
+pulseaudio_LDFLAGS = $(AM_LDFLAGS) $(BINLDFLAGS) $(IMMEDIATE_LDFLAGS) -dlopen force $(foreach f,$(PREOPEN_LIBS),-dlopen $(f))
endif
###################################
diff --git a/src/daemon/main.c b/src/daemon/main.c
index eb378d24..0f6fc907 100644
--- a/src/daemon/main.c
+++ b/src/daemon/main.c
@@ -401,28 +401,6 @@ int main(int argc, char *argv[]) {
pa_log_set_level(PA_LOG_NOTICE);
pa_log_set_flags(PA_LOG_COLORS|PA_LOG_PRINT_FILE|PA_LOG_PRINT_LEVEL, PA_LOG_RESET);
-#if defined(__linux__) && defined(__OPTIMIZE__)
- /*
- Disable lazy relocations to make usage of external libraries
- more deterministic for our RT threads. We abuse __OPTIMIZE__ as
- a check whether we are a debug build or not.
- */
-
- if (!getenv("LD_BIND_NOW")) {
- char *rp;
-
- /* We have to execute ourselves, because the libc caches the
- * value of $LD_BIND_NOW on initialization. */
-
- pa_set_env("LD_BIND_NOW", "1");
-
- if ((rp = pa_readlink("/proc/self/exe")))
- pa_assert_se(execv(rp, argv) == 0);
- else
- pa_log_warn("Couldn't read /proc/self/exe, cannot self execute. Running in a chroot()?");
- }
-#endif
-
if ((e = getenv("PULSE_PASSED_FD"))) {
passed_fd = atoi(e);