Skip to content

Rpath RW #17

New issue
New issue
Open
Open
Rpath RW#17
@cgzones

Description

@cgzones
cgzones
opened on Sep 27, 2022

The TODO section of the ReadMe mentions Rpath RW, probably taken from the output of checksec.sh.
From an ELF perspective RPATH and RUNPATH have no RW(read-write) attribute.
checksec.sh checks whether the respective directory is writable, which is not that interesting, since it is fine for /usr/lib/foo to be writable by root.
One could maybe divide R(UN)PATH into some sections:

  • relative path (dangerous)
  • absolute path or $ORIGIN, and the directory is "secure" (i.e. itself and all its parents are owned by root:root and not writable by others)
  • absolute path or $ORIGIN, and the directory is not "secure"

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions