]> git.ipfire.org Git - thirdparty/systemd.git/commit
projects / thirdparty / systemd.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: ab5a79f) | patch
dlfcn-util: let's make our dlopen() code fail if we enter a container namespace
authorLennart Poettering <lennart@poettering.net>
Wed, 19 Nov 2025 16:13:50 +0000 (17:13 +0100)
committerLennart Poettering <lennart@poettering.net>
Mon, 24 Nov 2025 08:19:33 +0000 (09:19 +0100)
commit2c7bdaf9f144ad339c72628579183fc849f2b794
tree58878555b44017e82e011bd224affd7a064196b8tree | snapshot
parentab5a79ff5d9bae48d544585c84768234e60644bdcommit | diff
dlfcn-util: let's make our dlopen() code fail if we enter a container namespace

Now that we dlopen() so many deps, it might happen by accident that we
end up dlopen()ening stuff when we entered a container, which we should
really avoid, to not mix host and container libraries.

Let's add a global variable we can set when we want to block dlopen() to
ever succeed. This is then checked primarily in
dlopen_many_sym_or_warn(), where we'll generate EPERM plus a log
message.

There are a couple of other places we invoke dlopen(), without going
through dlopen_many_sym_or_warn(). This adds the same check there.
src/basic/dlfcn-util.c diff | blob | blame | history
src/basic/dlfcn-util.h diff | blob | blame | history
src/core/exec-invoke.c diff | blob | blame | history
src/nspawn/nspawn.c diff | blob | blame | history
src/shared/bpf-dlopen.c diff | blob | blame | history
src/shared/idn-util.c diff | blob | blame | history
src/shared/tpm2-util.c diff | blob | blame | history
src/shared/userdb.c diff | blob | blame | history
src/test/test-dlopen.c diff | blob | blame | history
Unnamed repository; edit this file 'description' to name the repository.