[uClibc] Re: [uClibc-cvs] CVS uClibc/ldso/ldso

Joakim Tjernlund joakim.tjernlund at lumentis.se
Mon Oct 11 17:14:12 UTC 2004


> On Monday 11 October 2004 10:56 am, Joakim Tjernlund wrote:
> > Are you sure glibc works like this?
> > I had a look in glibc and I think glibc disables the cache for suid, so I
> > assumed uClibc should do the same. Check libc/elf/dl-load.c, around line
> > 1832 in glibc to see if I read the code right.
> 
> like i said, i only know what 'works' :)
> vapier at coral 0 ~ $ ldd /bin/su
> ldd: error: you do not have read permission for `/bin/su'
> vapier at coral 0 ~ $ su -
> Password: 
> root at coral 0 ~ # ls -l /bin/su
> -rws--x--x  1 root root 21008 Jul  4 18:22 /bin/su
> root at coral 0 ~ # ldd /bin/su
>         libcrypt.so.1 => /lib/libcrypt.so.1 (0x40029000)
>         libpam.so.0 => /lib/libpam.so.0 (0x4005d000)
>         libpam_misc.so.0 => /lib/libpam_misc.so.0 (0x4006c000)
>         libc.so.6 => /lib/libc.so.6 (0x40076000)
>         libdl.so.2 => /lib/libdl.so.2 (0x4019b000)
>         libgcc_s.so.1 
> => /usr/lib/gcc-lib/armv4l-unknown-linux-gnu/3.3.4/libgcc_s.so.1 (0x401a6000)
>         /lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x40000000)
> root at coral 0 ~ # ldconfig -p | grep libgcc_s
>         libgcc_s.so.1 (libc6) 
> => /usr/lib/gcc-lib/armv4l-unknown-linux-gnu/3.3.4/libgcc_s.so.1
>         libgcc_s.so (libc6) 
> => /usr/lib/gcc-lib/armv4l-unknown-linux-gnu/3.3.4/libgcc_s.so
> 
> i see the INTUSE(__libc_enable_secure) wrapping the cache search in glibc, but 
> i really dont know what that does ;)

hmm, looking a bit closer in libc/elf/dl-load.c there is an if stmt that boils
down to "if (!preloaded || !__libc_enable_secure) then do a cache lookup".
For this to be false both preloaded and __libc_enable_secure must be !=0
 -  __libc_enable_secure is set to 1 iff SUID.
 -  preloaded is set to 1 only iff the lib has been preloaded via ld.so.preload.
Since preloaded pretty much always is zero, the above if stmt becomes true regardless
of __libc_enable_secure. 

If find this behaviour a bit strange, but that explains why the ld.so cache is used
for SUID programs. On the other hand, my analysis may be way off :( 

Before I undo the change to uClibc ldso, can you see what happens if
you use the /etc/ld.so.preload file to preload a lib or two?

 Jocke




More information about the uClibc mailing list