LinuxQuestions.org
Register a domain and help support LQ
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 11-26-2014, 12:35 AM   #1
APLinux
LQ Newbie
 
Registered: Nov 2014
Posts: 5

Rep: Reputation: Disabled
How to avoid LD_PRELOAD ?


How to avoid LD_PRELOAD overriding pick of shared libraries by my application ?

I always want to let my application pick my choice of shared libraries(i.e.) the standard ones and not allow any user to override them.

Static libraries is not my choice and I would want to use LD_LIBRARY_PATH setting and hence not use the setuid/setgid method to avoid ignoring LD_XXX settings. Is there an alternate choice available ?
 
Old 11-26-2014, 12:57 AM   #2
John VV
LQ Muse
 
Registered: Aug 2005
Location: A2 area Mi.
Posts: 16,980

Rep: Reputation: 2447Reputation: 2447Reputation: 2447Reputation: 2447Reputation: 2447Reputation: 2447Reputation: 2447Reputation: 2447Reputation: 2447Reputation: 2447Reputation: 2447
rebuild the source code for this unknown application
and point gcc linker to the DIFFERENT libraries

for example i am debuging a CUSTOM build of the math program "octave"
it is using a CUSTOM built 32 bit floating point version of Imagemagick using DOUBLE precision floating point
( libMagick++-6.Q32HDRI.so.5.0.0)

so i build that program and install it OUT OF THE SYSTEM PATH!!!!!
( other programs NEED!!!! the 16 bit imagemagick that is installed by default )
/opt/ImageMagick_Q32HDRI/include
/opt/ImageMagick_Q32HDRI/lib

and DO NOT!!!! add that location to the /etc/ld.so.conf
and do NOT add the include files location to the system

now for the math program "octave" that NEEDS the custom libraries
i pass that location to the compiler while building octave
see:
Code:
./configure --help
--- then something like this
Code:
./configure --prefix= /opt/customProgram LDFLAGS=/opt/ImageMagick_Q32HDRI/lib CPPFLAGS=/opt/ImageMagick_Q32HDRI/include
 
Old 11-26-2014, 01:57 AM   #3
pan64
LQ Guru
 
Registered: Mar 2012
Location: Hungary
Distribution: debian i686 (solaris)
Posts: 8,475

Rep: Reputation: 2424Reputation: 2424Reputation: 2424Reputation: 2424Reputation: 2424Reputation: 2424Reputation: 2424Reputation: 2424Reputation: 2424Reputation: 2424Reputation: 2424
if you want to avoid dynamic linking you just need to use static link during the build.
 
Old 11-26-2014, 03:20 AM   #4
John VV
LQ Muse
 
Registered: Aug 2005
Location: A2 area Mi.
Posts: 16,980

Rep: Reputation: 2447Reputation: 2447Reputation: 2447Reputation: 2447Reputation: 2447Reputation: 2447Reputation: 2447Reputation: 2447Reputation: 2447Reputation: 2447Reputation: 2447
for a static build
add
Code:
--with-shared=no --with-static=yes
but you still have to point it to the different libs
 
Old 11-26-2014, 03:37 AM   #5
pan64
LQ Guru
 
Registered: Mar 2012
Location: Hungary
Distribution: debian i686 (solaris)
Posts: 8,475

Rep: Reputation: 2424Reputation: 2424Reputation: 2424Reputation: 2424Reputation: 2424Reputation: 2424Reputation: 2424Reputation: 2424Reputation: 2424Reputation: 2424Reputation: 2424
Static linking occurs build time, and you can/need to specify explicitly the location (for example using -L flags or using full path to the libraries).

Using dynamic libraries you need to take care about the locations, but LD_LIBRARY_PATH and LD_PRELOAD can be modified by the user, you cannot influence that. You can only force to check the version of the linked library (so you can refuse to run further in case of version mismatch). I would suggest you to do this instead of playing with those variables.
 
Old 11-26-2014, 04:56 AM   #6
APLinux
LQ Newbie
 
Registered: Nov 2014
Posts: 5

Original Poster
Rep: Reputation: Disabled
Thanks John. Using LDFLAGS would still let others override it with LD_PRELOAD at the time application is launched, isn't it ?

Thanks pan64. How do I force the version check of linked library in my application ? Any pointers appreciated.
 
Old 11-26-2014, 05:39 AM   #7
pan64
LQ Guru
 
Registered: Mar 2012
Location: Hungary
Distribution: debian i686 (solaris)
Posts: 8,475

Rep: Reputation: 2424Reputation: 2424Reputation: 2424Reputation: 2424Reputation: 2424Reputation: 2424Reputation: 2424Reputation: 2424Reputation: 2424Reputation: 2424Reputation: 2424
the most simple way is to write a version.c (or similar), containing a hardcoded version info, built into the library and a function to return that string. And you can call that function in your app and check the returned value.
 
Old 11-26-2014, 06:08 AM   #8
APLinux
LQ Newbie
 
Registered: Nov 2014
Posts: 5

Original Poster
Rep: Reputation: Disabled
I would like the standard libraries not to be overloaded. I don't think I have an option to re-build the standard libraries in the above said manner. Any other suggestions ?
 
Old 11-26-2014, 06:52 AM   #9
pan64
LQ Guru
 
Registered: Mar 2012
Location: Hungary
Distribution: debian i686 (solaris)
Posts: 8,475

Rep: Reputation: 2424Reputation: 2424Reputation: 2424Reputation: 2424Reputation: 2424Reputation: 2424Reputation: 2424Reputation: 2424Reputation: 2424Reputation: 2424Reputation: 2424
so probably this: http://stackoverflow.com/questions/2...-in-the-binary
 
1 members found this post helpful.
Old 11-27-2014, 05:29 AM   #10
APLinux
LQ Newbie
 
Registered: Nov 2014
Posts: 5

Original Poster
Rep: Reputation: Disabled
It seems this solution depends on the output from dl_iterate_phdr(), which again is from glibc(). So, a clever hacker could hack this as well!
 
Old 11-27-2014, 06:42 AM   #11
pan64
LQ Guru
 
Registered: Mar 2012
Location: Hungary
Distribution: debian i686 (solaris)
Posts: 8,475

Rep: Reputation: 2424Reputation: 2424Reputation: 2424Reputation: 2424Reputation: 2424Reputation: 2424Reputation: 2424Reputation: 2424Reputation: 2424Reputation: 2424Reputation: 2424
Everything can be hacked, but actually I think you can allow to use the hacked lib to the one who hacked it ...
 
Old 11-27-2014, 11:35 AM   #12
John VV
LQ Muse
 
Registered: Aug 2005
Location: A2 area Mi.
Posts: 16,980

Rep: Reputation: 2447Reputation: 2447Reputation: 2447Reputation: 2447Reputation: 2447Reputation: 2447Reputation: 2447Reputation: 2447Reputation: 2447Reputation: 2447Reputation: 2447
Quote:
Thanks John. Using LDFLAGS would still let others override it with LD_PRELOAD at the time application is launched, isn't it ?
?
are you trying to STOP someone( or malicious program ) from sending "fuzzy" data to a lib ?

if so that is WAY more a MS windows issue than a linux one

*.so's are only loaded as needed and then dropped

even system libraries like( -lm) need to be specified now (as apposed to the pre gcc 4.3 days)

just name the "different " *.so a different name
if the program segfaults do to not finding the custom.so
then it is not using it

the imagemagick lib i used in that example is a different name"libMagick++-6.Q32HDRI.so.5.0.0"

and i KNOW that my custom build of Octave is using it
-- no error
and gdb runs
 
Old 11-27-2014, 04:19 PM   #13
Valery Reznic
ELF Statifier author
 
Registered: Oct 2007
Posts: 675

Rep: Reputation: 136Reputation: 136
Quote:
Originally Posted by APLinux View Post
How to avoid LD_PRELOAD overriding pick of shared libraries by my application ?

I always want to let my application pick my choice of shared libraries(i.e.) the standard ones and not allow any user to override them.

Static libraries is not my choice and I would want to use LD_LIBRARY_PATH setting and hence not use the setuid/setgid method to avoid ignoring LD_XXX settings. Is there an alternate choice available ?
Why do you want to disable using LD_PRELOAD?
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
using LD_PRELOAD and changing LD_LIBRARY_PATH jyunker Linux - Software 1 10-16-2013 07:24 AM
Differences between LD_LIBRARY_PATH and LD_PRELOAD Nerox Linux - General 1 05-12-2012 08:51 PM
ERROR: ld.so: LD_PRELOAD cannot be preloaded xombboxer Linux - Newbie 2 05-12-2011 12:16 PM
LD_PRELOAD not working kamransoomro84 Programming 3 07-28-2010 07:09 PM
Differences between LD_LIBRARY_PATH and LD_PRELOAD Nerox Linux - Newbie 1 10-01-2004 09:03 AM


All times are GMT -5. The time now is 10:31 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration