Vulnerability in OpenBSD's ld.so

The dynamic loader ld.so shipped with OpenBSD can, under certain conditions, leave the LD_LIBRARY_PATH environment variable in place for SUID/SGID applications, which allows third-party code to be loaded in the context of a process running with elevated privileges. Patches fixing the vulnerability are available for releases 6.5 and 6.6. Binary patches (syspatch) for the amd64, i386 and arm64 platforms have already been built and should be available for download by the time this news item is published.

The essence of the problem: during start-up, ld.so first extracts the value of the LD_LIBRARY_PATH variable from the environment and uses the _dl_split_path() function to turn it into an array of strings, the paths to directories. If it later turns out that the current process was started by a SUID/SGID application, the array that was created and the LD_LIBRARY_PATH variable itself are cleared. However, if _dl_split_path() runs out of memory (which is difficult because of the explicit 256 kB limit on the size of environment variables, but is theoretically possible), the _dl_libpath variable receives the value NULL, and the subsequent check of this variable's value causes the call to _dl_unsetenv("LD_LIBRARY_PATH") to be skipped.
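The fail-open pattern described above, as an added example that is not OpenBSD's ld.so code: a constructed model in which `struct loader`, `split_path`, `scrub` and `survives` are hypothetical names and memory exhaustion is simulated by a flag. It places the scrub that is gated on the parse result beside one that clears the variable unconditionally.

```c
#include <stdlib.h>
#include <string.h>
/* Constructed model of loader state; every name here is hypothetical, not ld.so's. */
struct loader {
    const char *env_path; /* LD_LIBRARY_PATH in the environment, NULL = unset */
    char **libpath;       /* parsed directory list, NULL if absent or parse failed */
};

static void free_path(char **v)
{
    for (size_t i = 0; v && v[i]; i++) free(v[i]);
    free(v);
}

/* Split "a:b:c" into a NULL-terminated array; NULL on (simulated) allocation failure. */
static char **split_path(const char *s, int alloc_fails)
{
    size_t n = 1;
    if (s == NULL || alloc_fails) return NULL;
    for (const char *p = s; *p; p++) n += (*p == ':');
    char **v = calloc(n + 1, sizeof *v);
    for (size_t i = 0; v && i < n; i++) {
        size_t len = strcspn(s, ":");
        if ((v[i] = malloc(len + 1)) == NULL) { free_path(v); return NULL; }
        memcpy(v[i], s, len);
        v[i][len] = '\0';
        s += len + (s[len] == ':');
    }
    return v;
}

/* Set-id scrub. fail_closed=0 acts only if the parse succeeded (the flawed pattern). */
static void scrub(struct loader *l, int fail_closed)
{
    if (l->libpath || fail_closed) {
        free_path(l->libpath);
        l->libpath = NULL;
        l->env_path = NULL; /* stands in for unsetting the variable */
    }
}

/* Returns 1 if a set-id process still sees LD_LIBRARY_PATH after start-up. */
int survives(int alloc_fails, int fail_closed)
{
    struct loader l = { "/tmp/constructed:/usr/lib", NULL }; /* constructed value */
    l.libpath = split_path(l.env_path, alloc_fails);
    scrub(&l, fail_closed);
    return l.env_path != NULL;
}
```

In the model, the variable survives only when the parser fails and the scrub depends on the parser's result; making the scrub independent of the parse outcome closes that path.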

The vulnerability was found by specialists from Qualys, as were several previously disclosed problems. The security researchers who identified the vulnerability noted how quickly it was resolved: a patch was prepared and updates were released within three hours of OpenBSD receiving the notification.

Addendum: The problem has been assigned the identifier CVE-2019-19726. An official announcement has been made on the oss-security mailing list, including a prototype exploit that works on OpenBSD 6.6, 6.5, 6.2 and 6.1 on the amd64 and i386 architectures (the exploit can be adapted for other architectures). The problem is exploitable in the default installation and allows an unprivileged local user to execute code as root through library substitution when running the chpass or passwd suid utilities. To create the low-memory conditions required for exploitation, the RLIMIT_DATA limit is set via setrlimit.

Source: opennet.ru
