I'm sure I'll get lots of flames for forwarding this, but there's been a lot of talk about this problem lately, and it definitely has serious security implications; even if it turns out to be the case that the contents of the file aren't modified, having the time stamp pseudo-randomly change would make just about any sysadmin go into a fit of paranoia. Message-Id: <199809171409.KAA02717at_private> X-Mailer: exmh version 2.0.2 2/24/98 To: hackersat_private Subject: GDB modifies shared libraries? Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Thu, 17 Sep 1998 10:09:09 -0400 From: Robert Withrow <bwithrowat_private> Sender: owner-freebsd-hackersat_private X-Loop: FreeBSD.ORG I was debugging a (large) program using GDB on an xterm (which prevented me from getting the exact text, as you will see). This is on 2.2.6-RELEASE on a P6-200 with 128M ram. I was running as a normal user, not root. I issued the "run" command and GDB said that /usr/lib/libc.so.3.1 had changed and it was re-loading it. That was followed immediately by X freezing, and then a spontaneous re-boot. After the system re-booted, sure enough the date on /usr/lib/libc.so.3.1 had been changed! Now, with this program, GDB generally says that the *program* has changed *every* time I issue the "run" command, but I thought that was just a GDB problem. But I don't understand how GDB can override protections on /usr/lib/libc.so.3.1 in order to change its date. This seems like an OS bug. Any fixes around? -- Robert Withrow -- (+1 978 916 8256) BWithrowat_private
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:16:35 PDT