Rich Felker

Aside from the IFUNC mechanism (which #musl doesn't and won't support, btw), the one way for libraries that get linked but not used to run code is as global constructors.

Wouldn't it be nice if distros could just audit for which libs have global ctors, and apply greater scrutiny to pulling ones that do into sensitive programs?

Well...

🧵

1+
robryk
Follow

@dalias

What about getting called by defining a symbol that is normally exported by another library?

· · 0 · 0 · 0
Sign in to participate in the conversation
Qoto Mastodon

QOTO: Question Others to Teach Ourselves
An inclusive, Academic Freedom, instance
All cultures welcome.
Hate speech and harassment strictly forbidden.

Trending now

Resources

Developers

What is Mastodon?

qoto.org

More…

v3.5.19-qoto · Privacy policy