On Tue, Dec 3, 2013, at 9:50, Markus Teich wrote:
> Mihail Zenkov wrote:
> > ldd /usr/bin/gimp-2.8
>
> Heyho,
>
> http://www.catonmat.net/blog/ldd-arbitrary-code-execution/
Considering that he probably _actually_ executes the very same gimp-2.8
binary all the time, your concern is misplaced. This attack is highly
situational, requiring the attacker to cause someone to encounter a
binary that they would not otherwise execute and to be curious about
what libraries it uses.
"Don't run ldd on an unknown binary you wouldn't execute" becomes "don't
run ldd ever on anything" - the cargo cult at its finest. I propose not
allowing untrusted binaries to be placed in /usr/bin in the first place.
Received on Tue Dec 03 2013 - 17:29:44 CET