Linked by Thom Holwerda on Wed 9th Nov 2011 21:26 UTC, submitted by edwin
General Unix Way back in 2002, MIT decided it needed to start teaching a course in operating system engineering. As part of this course, students would write an exokernel on x86, using Sixth Edition Unix (V6) and John Lions' commentary as course material. This, however, posed problems.
Thread beginning with comment 496949
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE[3]: binary for windows....
by bogomipz on Fri 11th Nov 2011 10:51 UTC in reply to "RE[2]: binary for windows.... "
bogomipz
Member since:
2005-07-11

The argument that updating a library will fix the bug in all programs that dynamically link said library goes both ways; breaking the library also beaks all programs at the same time.

And if security is a high priority, you should be aware that dynamic linking has some potential risks on its own. LD_LIBRARY_PATH is a rather dangerous thing, especially when combined with a suid root binary.

Reply Parent Score: 2

jabjoe Member since:
2009-05-06

I'll take being able to easily fix everything with easily being able to break everything every time over not able to fix anything.

The LD_LIBRARY_PATH suid root binary security hole is one that if you know about you can avoid. It's not something that means throw the whole system out.

Update: Looks it's protected against anyway.
http://en.wikipedia.org/wiki/Setuid

"The invoking user will be prohibited by the system from altering the new process in any way, such as by using ptrace, LD_LIBRARY_PATH or sending signals to it"

Edited 2011-11-11 11:43 UTC

Reply Parent Score: 2