grsecurity forums


https://forums.grsecurity.net./

execl() in gradm_adm.c[59] function add_binary_libs()

https://forums.grsecurity.net./viewtopic.php?f=3&t=122

Page 1 of 1

execl() in gradm_adm.c[59] function add_binary_libs()

PostPosted: Wed Aug 21, 2002 4:17 pm
by messi
Hi!

Is it true, that ELF binaries will be executed in a child-process by gradm when enabling -E, reloading -R or testing -T the ACLs? If yes, why?

I use samhain and I'd like to protect it with grsec. So I added these lines to /etc/grsec/acl:

/ {
...

/path/to/samhain h
/path/to/samhain/sbin/samhain rx
}

/path/to/samhain/sbin/samhain phv {
/ rxo
/path/to/samhain rwxo
}

"gradm -T /path/to/samhain/sbin/samhain /sbin" executes the samhain binary. The gradm hangs while samhain is running.

PostPosted: Wed Aug 21, 2002 9:23 pm
by spender
it executes it with a special trace objects environment variable that gives the names of libraries it uses (not including ones used through dl_open). The actual code of the binary doesn't get executed. The code I use is basically what the ldd script does. I'm going to rewrite the code to grab this info from the binary itself without executing it, however, which should solve your problem, and be cleaner in general.

-Brad

statically linked binaries

PostPosted: Thu Aug 22, 2002 4:36 pm
by messi
Okay, thank you !!

Btw, my samhain is statically linked and it seems ldd checks this first. Maybe gradm just needs this check.
All times are UTC - 5 hours [ DST ]
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/