28

http://www.catonmat.net

The `ldd` utility is more vulnerable than you think. It’s frequently used by programmers and system administrators to determine the dynamic library dependencies of executables. Sounds pretty innocent, right? Wrong! It turns out that running `ldd` on an executable can result in executing arbitrary code. I researched this subject thoroughly and found that it was almost completely undocumented. This article details how such an executable can be constructed and comes up with a social engineering scenario that may lead to system compromise.

Created by pkrumins 5 years 7 weeks ago – Made popular 5 years 7 weeks ago
Category: Beginner

akf

5 years 7 weeks 3 days 14 hours ago

4

known

Well, it's not really unknown that you shouldn't use ldd on untrusted programs, especially not with root privileges.
But it's a good reminder.


akf

5 years 7 weeks 3 days 11 hours ago

2

better way

A more secure way to find the required libs is objdump:

objdump -p ./program | grep NEEDED

This also finds just the direct dependencies and that's what you are most probably interested in.
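
The static approach from the comment above (reading the NEEDED entries instead of running `ldd`), as an added example that is not part of the original thread or the linked article: it parses the ELF program headers and dynamic section from raw bytes, so the file under inspection is never loaded or executed. The function name `needed_libs` is an assumption of this example.

```python
import struct
import sys

PT_LOAD, PT_DYNAMIC = 1, 2
DT_NULL, DT_NEEDED, DT_STRTAB = 0, 1, 5

def needed_libs(data):
    """Return the DT_NEEDED names of an ELF image by parsing its bytes only."""
    if data[:4] != b"\x7fELF":
        raise ValueError("not an ELF file")
    is64 = data[4] == 2                    # EI_CLASS: 1 = 32-bit, 2 = 64-bit
    end = "<" if data[5] == 1 else ">"     # EI_DATA: 1 = little-endian
    # e_phoff, e_shoff, e_flags, e_ehsize, e_phentsize, e_phnum
    hdr = "QQIHHH" if is64 else "IIIHHH"
    phoff, _, _, _, phentsize, phnum = struct.unpack_from(end + hdr, data, 0x20 if is64 else 0x1C)
    loads, dyn = [], None
    for i in range(phnum):
        off = phoff + i * phentsize
        if is64:  # p_type, p_flags, p_offset, p_vaddr, p_paddr, p_filesz
            ptype, _, poff, vaddr, _, filesz = struct.unpack_from(end + "IIQQQQ", data, off)
        else:     # p_type, p_offset, p_vaddr, p_paddr, p_filesz
            ptype, poff, vaddr, _, filesz = struct.unpack_from(end + "IIIII", data, off)
        if ptype == PT_LOAD:
            loads.append((vaddr, poff, filesz))
        elif ptype == PT_DYNAMIC:
            dyn = (poff, filesz)
    if dyn is None:
        return []                          # statically linked: no dynamic section
    fmt = end + ("qQ" if is64 else "iI")   # d_tag, d_val
    name_offs, strtab = [], None
    for off in range(dyn[0], dyn[0] + dyn[1], struct.calcsize(fmt)):
        tag, val = struct.unpack_from(fmt, data, off)
        if tag == DT_NULL:
            break
        if tag == DT_NEEDED:
            name_offs.append(val)
        elif tag == DT_STRTAB:
            strtab = val
    # DT_STRTAB holds a virtual address; map it to a file offset via PT_LOAD.
    base = next((o + strtab - v for v, o, s in loads
                 if strtab is not None and v <= strtab < v + s), None)
    if base is None:
        raise ValueError("DT_STRTAB not inside any PT_LOAD segment")
    return [data[base + n:data.index(b"\0", base + n)].decode("utf-8", "replace")
            for n in name_offs]

if __name__ == "__main__":
    with open(sys.argv[1], "rb") as f:     # path of the untrusted binary
        print("\n".join(needed_libs(f.read())))
```

Like the `objdump` pipeline, this reports direct dependencies only; resolving the transitive set means repeating the parse on each library file, still without executing anything.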


pkrumins

5 years 7 weeks 3 days 10 hours ago

1

thanks akf.

Thanks for the updates, akf. There were literally just 3 or 4 different pages that said something about this unexpected ldd behavior.

I also just talked with someone who has been using Gentoo for a long time, and he says he remembers that revdep-rebuild used to run ldd on all the *.so's in the system to do some verification checks. If this was true today, all Gentoos would have been owned.