We are working on improving LD_AUDIT support, which is the plugin API of the dynamic loader. It can in theory be used to implement such things.
Depending on the threat model, then DT_BIND_NOW and/or LD_PRELOAD can be used to find the desired instance of dlsym(). If the threats include "just in time" modification of the instruction stream, then you must control the system calls execve, mmap, mprotect, and ptrace. -- _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure