Isn't the whole point of this that you're about to execute the target binary anyway, and indeed that you did exec it and the kernel found the madness loader as the interpreter? Doesn't that mean you trust the binary already - how is it any more dangerous to run ldd on that binary?
I buy the argument that ldd should not be run on untrusted binaries that you're just looking at, the way that it is (hopefully) okay to run e.g. readelf on them, because the mechanisms used by ldd aren't designed to be robust against malicious binaries, and it's possible to get arbitrary code execution when you're not intending it. But that's precisely because ldd is reusing the mechanisms that are used when actually running the binary, no? And here we are intending arbitrary code execution.
(Or am I missing something?)
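The distinction drawn above between inspecting a binary (readelf-style) and running the loader machinery on it (ldd, or an actual exec) comes down to whether the `PT_INTERP` path the binary names is only read or is also executed. The following is an added example, not code from this issue or from the project: a static reader that reports that path without mapping or running anything. The names `read_interp` and `build_sample` and the path `/constructed/loader.so` are assumptions made for illustration.

```python
import struct

PT_INTERP = 3  # program header type naming the interpreter (dynamic loader)

def read_interp(data: bytes):
    """Return the PT_INTERP path from an ELF image, or None. Pure parsing:
    nothing from the file is mapped or executed."""
    if len(data) < 16 or data[:4] != b"\x7fELF":
        raise ValueError("not an ELF image")
    ei_class, ei_data = data[4], data[5]
    if ei_class not in (1, 2) or ei_data not in (1, 2):
        raise ValueError("unsupported EI_CLASS/EI_DATA")
    end = "<" if ei_data == 1 else ">"
    if ei_class == 2:  # ELF64: p_offset and p_filesz are fields 2 and 5
        ehdr, phdr, i_off, i_sz = end + "HHIQQQIHHHHHH", end + "IIQQQQQQ", 2, 5
    else:              # ELF32: p_offset and p_filesz are fields 1 and 4
        ehdr, phdr, i_off, i_sz = end + "HHIIIIIHHHHHH", end + "IIIIIIII", 1, 4
    if len(data) < 16 + struct.calcsize(ehdr):
        raise ValueError("truncated ELF header")
    f = struct.unpack_from(ehdr, data, 16)
    e_phoff, e_phentsize, e_phnum = f[4], f[8], f[9]
    if e_phnum and e_phentsize < struct.calcsize(phdr):
        raise ValueError("bad e_phentsize")
    for i in range(e_phnum):
        pos = e_phoff + i * e_phentsize
        if pos + struct.calcsize(phdr) > len(data):
            raise ValueError("program header outside file")
        p = struct.unpack_from(phdr, data, pos)
        if p[0] != PT_INTERP:
            continue
        start, size = p[i_off], p[i_sz]
        if start + size > len(data):
            raise ValueError("PT_INTERP segment outside file")
        return data[start:start + size].split(b"\0", 1)[0].decode("utf-8", "replace")
    return None

def build_sample(interp: bytes) -> bytes:
    """Constructed sample: little-endian ELF64 header, one PT_INTERP entry, path."""
    ident = b"\x7fELF" + bytes([2, 1, 1]) + bytes(9)
    path = interp + b"\0"
    ehdr = struct.pack("<HHIQQQIHHHHHH", 3, 62, 1, 0, 64, 0, 0, 64, 56, 1, 0, 0, 0)
    phdr = struct.pack("<IIQQQQQQ", PT_INTERP, 4, 120, 0, 0, len(path), len(path), 1)
    return ident + ehdr + phdr + path

if __name__ == "__main__":
    print(read_interp(build_sample(b"/constructed/loader.so")))
```

Every offset and size taken from the file is bounds-checked before use, which is the robustness against malformed input that the loader path behind ldd is not designed to provide.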