Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S263927AbUAMKp1 (ORCPT ); Tue, 13 Jan 2004 05:45:27 -0500 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S263963AbUAMKp1 (ORCPT ); Tue, 13 Jan 2004 05:45:27 -0500 Received: from ebiederm.dsl.xmission.com ([166.70.28.69]:52781 "EHLO ebiederm.dsl.xmission.com") by vger.kernel.org with ESMTP id S263927AbUAMKpP (ORCPT ); Tue, 13 Jan 2004 05:45:15 -0500 To: Aaron Lehmann Cc: Jesper Juhl , Andrew Morton , linux-kernel@vger.kernel.org Subject: Re: [PATCH] stronger ELF sanity checks v2 References: <20040113033234.GD2000@vitelus.com> From: ebiederm@xmission.com (Eric W. Biederman) Date: 13 Jan 2004 03:39:11 -0700 In-Reply-To: <20040113033234.GD2000@vitelus.com> Message-ID: User-Agent: Gnus/5.0808 (Gnus v5.8.8) Emacs/21.2 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1724 Lines: 35 Aaron Lehmann writes: > On Tue, Jan 13, 2004 at 02:55:07AM +0100, Jesper Juhl wrote: > > Here's the second version of my patch to add better sanity checks for > > binfmt_elf > > I assume this breaks Brian Raiter's tiny ELF executables[1]. Hmm. I would expect most of the to continue to work because they are valid. The only problem I see is when he starts scrunching things together by changing the value of fields that have a specified meaning. > Even > though these binaries are evil hacks that don't comply to standards > and serve no serious purpose, I'm not sure what the purpose of the > sanity checks is. Are there any risks associated with running > non-compliant ELF executables? Sanity checks are always good for future compatibility so someone does not come to rely on your bugs. This is less of a problem in linux than in some systems but still. This is the primary reason cpus have undefined opcode exceptions for example. > (Now that I mention it, the > proof-of-concept exploit for the brk() hole comes to mind, but I don't > know offhand if that did anything against the spec.) I don't mean to > question the usefulness of your work, especially as I don't know much > about ELF, but I'm personally curious about why you think additional > sanity checks are worth a slight increase in code complexity. That was my impression as well. Increasing the complexity of the if statements when goto's are already in use seems silly. Eric - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/