Untitled attachment

Notices where this attachment appears

1. Embed this notice
   Haelwenn /элвэн/ :triskell: (lanodan@queer.hacktivis.me)'s status on Wednesday, 04-Dec-2024 08:34:04 JST Haelwenn /элвэн/ :triskell:

   in reply to
   @sun Or for another example on glibc systems, CVE-2023-4911 (glibc ld.so GLIBC_TUNABLES) would still work against sudo-rs instead of sudo.
   
   Meanwhile a Go reimplementation of sudo could end up fine if cgo isn't used.
2. Embed this notice
   Jan Schaumann (jschauma@mstdn.social)'s status on Thursday, 28-Nov-2024 06:06:48 JST Jan Schaumann

   in reply to

   Advanced #Programming in the #UNIX Environment

   Week 11, Of Linkers and Loaders

   Building on top of what we discussed in Week 5 in the context of the compiler chain, we take a look at how a relocatable object file is turned into an executable by the dynamic linker (ld) and how an executable is loaded into memory by the run-time link-editor (ld.so or ld.elf_so).

   https://youtu.be/8KWuz7gLycc

   #apue

3. Embed this notice
   Haelwenn /элвэн/ :triskell: (lanodan@queer.hacktivis.me)'s status on Monday, 17-Jun-2024 22:00:02 JST Haelwenn /элвэн/ :triskell:
   @xerz Why even, musl is also good when dynamically linked. (In fact one of my reasons for throwing the last remains of glibc here is how awful glibc's ld.so is)
4. Embed this notice
   Haelwenn /элвэн/ :triskell: (lanodan@queer.hacktivis.me)'s status on Friday, 29-Mar-2024 00:47:21 JST Haelwenn /элвэн/ :triskell:
   > think about pledge/unveil on linux
   > it's restrictions added in the middle of runtime
   > remember that epic fail in glibc ld.so
5. Embed this notice
   Haelwenn /элвэн/ :triskell: (lanodan@queer.hacktivis.me)'s status on Monday, 23-Oct-2023 04:52:17 JST Haelwenn /элвэн/ :triskell:

   in reply to
   @icedquinn @mischievoustomato @novenary @wolf480pl GNU basically never documents their extensions, this is why I say they do vendor-locking.
   But that should only matter for ones where you don't have proper third-party implementations/documentations, which here you absolutely did.
   
   Like if EAC wanted, they could be like "Nope, we're doing ld.so ourselves" (probably a terribly bad idea btw) and they would be able to implement gnu_hash support easily.
6. Embed this notice
   Haelwenn /элвэн/ :triskell: (lanodan@queer.hacktivis.me)'s status on Monday, 23-Oct-2023 04:38:49 JST Haelwenn /элвэн/ :triskell:

   in reply to
   @icedquinn @mischievoustomato @novenary @wolf480pl What do you mean exactly by technical report?
   
   Because it's been documented for at least 10 years by now (just not by GNU AFAIK) and with third-party implementations like LLVM's lld, musl's ld.so, …
   It's very much a de-facto standard.