Securely loading libraries (Linux)

Now that I’ve said loading libraries in Linux is insecure, let’s just cursorily examine how that is…

I require a digitally signed .so. Being a decent sort of chap, I’ve decided to allow the signature to exist in a foo.so.signature file, alongside the library foo.so. It means that I don’t need to add it to the binary in another section of the .so. Embedding it that way generally complicates signature checking – you need to check the signature of the binary while excluding the section containing the signature, which could itself be a mechanism for getting code into the system. This can be ameliorated by enforcing a size restriction on the signature section, but have you seen some of the code these days? It’s really fricking small.

The standard mechanism for loading foo.so is to use the dlopen() call. Once you have completed this call, any .init section of the library has been executed. You are pwned.

You need to open() the file and open() the signature. Compare the signature to the content of the file (you can use mmap(MAP_PRIVATE) to ensure that changes to the underlying file do not affect the contents of your memory). Then you re-implement dlopen(), allowing it to take either a file descriptor or a raw handle to memory and a size… it’s your call.
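One way to carry out these steps without rewriting dlopen(), as an added example that is not from the original post: copy the library and its signature into sealed memfds (Linux-specific), verify the sealed bytes, then hand dlopen() that same descriptor through /proc/self/fd. A sealed copy is used because it is unspecified whether later changes to the file show through a MAP_PRIVATE mapping. The names `verify_fn`, `snapshot_sealed` and `load_verified` are hypothetical, and the signature scheme behind the callback is left to the caller.

```c
#define _GNU_SOURCE
#include <dlfcn.h>
#include <fcntl.h>
#include <stdio.h>
#include <sys/mman.h>
#include <unistd.h>

/* Hypothetical callback: return 1 only if sig is a valid signature over data. */
typedef int (*verify_fn)(const void *data, size_t len, const void *sig, size_t siglen);

/* Copy a file into an anonymous memfd, then seal it so the bytes cannot change. */
int snapshot_sealed(const char *path, size_t *len)
{
    char buf[65536];
    ssize_t n = 0;
    int in = open(path, O_RDONLY | O_CLOEXEC);
    int mfd = in < 0 ? -1 : memfd_create("verified", MFD_CLOEXEC | MFD_ALLOW_SEALING);
    for (*len = 0; mfd >= 0 && (n = read(in, buf, sizeof buf)) > 0; *len += (size_t)n)
        if (write(mfd, buf, (size_t)n) != n) { close(mfd); mfd = -1; }
    if (in >= 0) close(in);
    if (mfd >= 0 && (n < 0 || fcntl(mfd, F_ADD_SEALS, F_SEAL_WRITE | F_SEAL_SHRINK |
                                    F_SEAL_GROW | F_SEAL_SEAL) < 0)) { close(mfd); mfd = -1; }
    return mfd;
}

/* Verify the sealed copy against the sealed signature, then load that same copy. */
void *load_verified(const char *lib, const char *sigfile, verify_fn verify)
{
    size_t len = 0, siglen = 0;
    void *handle = NULL, *data = MAP_FAILED, *sig = MAP_FAILED;
    char fdpath[64];
    int lfd = snapshot_sealed(lib, &len), sfd = snapshot_sealed(sigfile, &siglen);
    if (lfd >= 0 && sfd >= 0 && len > 0 && siglen > 0) {
        data = mmap(NULL, len, PROT_READ, MAP_PRIVATE, lfd, 0);
        sig = mmap(NULL, siglen, PROT_READ, MAP_PRIVATE, sfd, 0);
    }
    if (data != MAP_FAILED && sig != MAP_FAILED && verify(data, len, sig, siglen) == 1) {
        /* .init code runs inside dlopen(), so only get here once verify has passed. */
        snprintf(fdpath, sizeof fdpath, "/proc/self/fd/%d", lfd);
        handle = dlopen(fdpath, RTLD_NOW | RTLD_LOCAL);
    }
    if (data != MAP_FAILED) munmap(data, len);
    if (sig != MAP_FAILED) munmap(sig, siglen);
    if (lfd >= 0) close(lfd);
    if (sfd >= 0) close(sfd);
    return handle;
}
```

It needs /proc mounted and a kernel with memfd_create() (Linux 3.17 or later).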

Feckers, not making Linux secure by default… oh, wait, this has existed since before Linux…

Security is an ever-developing process. The APIs need to evolve with the threats.

Pardon me boys, is this the road to great Cthulhu

Well, I’ve officially finished with my GMing for another year at Warpcon. The Paranoia was on last night, and I feel that my players performed their tasks at disaster management very well. One of them survived, bravely fighting off the remainder of the players for the personal shield. He, of course, was the one on his last clone from the start, and was successfully getting everyone else at the table recloned a few times. Bouncy rubber balls, flesh-eating viruses, where bodies were being put together using 2,000 km of sticky tape. Several nuclear explosions, vast amounts of MDK everywhere. Oh, it was all good.
This afternoon it was the Cthulhu scenario. Hey! It’s great to have the band back.