On 09/15/2015 03:58 PM, Simo Sorce wrote: >> I'm not sure how difficult this would be because I'm not sure how many >> symbols rely upon indirect dependencies. I think it would be a worthwhile >> cleanup to turn on something like you suggest, and attempt to bootstrap >> the OS using Fedora Bootstrap [1]. > > Symbol interposition is used a lot for very useful features, blocking > interposition would break a lot of stuff. Such as run-time patching of BIND 9 on RHEL 3 to remove a remote crasher bug? I don't know. There is the malloc use case (which could easily be supported by marking these functions as interposable), but beyond that? >>> We currently do not perform proper symbol namespace management in Fedora >>> (as we discussed before). Perhaps we should try to track DSO symbol >>> namespaces first, and use that data to guide further evolution of >>> dynamic linking. >> >> Agreed. We do indeed need some infrastructure in tools to extract all >> symbols out of the entire distribution and review them. > > How do you distinguish between intentionally clashing symbol names and > others ? So far, it's been a manual process. Sometimes, it is obvious based on the symbol name (“mutex”, “buffer”, “yylex”). Sometimes, it can be tricky—we have multiple JSON libraries which use the json_ prefix. And there are few symbols which must be exempted manually: <https://github.com/fweimer/symboldb/blob/master/doc/examples/library-symbol-collisions.txt> (This query needs to check the symbol binding, LOCAL/LOCAL is okay.) Based on past experiment, I think that if we want to take collisions seriously, we need to define symbol namespaces, at least for core-ish packages. And beyond that, we need to look at linker changes. -- Florian Weimer / Red Hat Product Security -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
