| 1 |
Hi, |
| 2 |
|
| 3 |
Finally, two months after your mail, I remembered a project I saw last |
| 4 |
year (or so) that might stick your need. |
| 5 |
|
| 6 |
http://anonscm.debian.org/gitweb/?p=d-i/mklibs.git |
| 7 |
http://anonscm.debian.org/gitweb/?p=d-i/mklibs.git;a=blob_plain;f=src/mklibs;h=216b34c1cb221458cd0d26c6bd5c719c3bf94ab2;hb=HEAD |
| 8 |
|
| 9 |
As describe, this tool : |
| 10 |
|
| 11 |
- Gather all unresolved symbols and libraries needed by the programs |
| 12 |
and reduced libraries |
| 13 |
- Gather all symbols provided by the already reduced libraries |
| 14 |
(none on the first pass) |
| 15 |
- If all symbols are provided we are done |
| 16 |
- go through all libraries and remember what symbols they provide |
| 17 |
- go through all unresolved/needed symbols and mark them as used |
| 18 |
- for each library: |
| 19 |
- find pic file (if not present copy and strip the so) |
| 20 |
- compile in only used symbols |
| 21 |
- strip |
| 22 |
- back to the top |
| 23 |
|
| 24 |
Beber |
| 25 |
|
| 26 |
On 2013-03-25 08:01, Kfir Lavi wrote: |
| 27 |
> Hi, |
| 28 |
> I'm looking for a way to reduce glibc code size. |
| 29 |
> It can be a way to make system smaller and minimize the impact |
| 30 |
> of attack vectors in glibc, as in return-to-libc attack. |
| 31 |
> |
| 32 |
> Lets say I'm deleting the program 'mkdir', and mkdir uses a function |
| 33 |
> in glibc that non of the other parts of the system uses. |
| 34 |
> Then I want to eliminate this function from glibc. This leads to |
| 35 |
> smaller |
| 36 |
> code and if this function is used in some attack scenario, maybe |
| 37 |
> prevent it. |
| 38 |
> |
| 39 |
> Is there a way to do it? |
| 40 |
> Can you help me think how to build a tool like this? or, integrate |
| 41 |
> with existing tools. |
| 42 |
> |
| 43 |
> Thanks, |
| 44 |
> Kfir |
Archives