Many UNIX systems allow you to "pre-load" shared libraries by setting an environment variable LD_PRELOAD. This allows you to do interesting things like replace standard C library functions or even the C interfaces to system calls with your own functions. I recently ran across a piece of software which depended upon knowing the time reasonably accurately. By replacing the time(2) UNIX system call with my own function, I was able to fool the program and get it to misbehave, without the inconvenience of actually changing the system time or even requiring root privileges. If you are writing programs which depend on C library functions or UNIX system calls for secure operation, please distribute only statically-linked versions, as the effort to fool statically-linked binaries is a lot higher than a simple LD_PRELOAD spoof. -- David F. Skoll http://www.roaringpenguin.com
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:45:45 PDT