1 |
Hi, |
2 |
|
3 |
Finally, two months after your mail, I remembered a project I saw last |
4 |
year (or so) that might stick your need. |
5 |
|
6 |
http://anonscm.debian.org/gitweb/?p=d-i/mklibs.git |
7 |
http://anonscm.debian.org/gitweb/?p=d-i/mklibs.git;a=blob_plain;f=src/mklibs;h=216b34c1cb221458cd0d26c6bd5c719c3bf94ab2;hb=HEAD |
8 |
|
9 |
As describe, this tool : |
10 |
|
11 |
- Gather all unresolved symbols and libraries needed by the programs |
12 |
and reduced libraries |
13 |
- Gather all symbols provided by the already reduced libraries |
14 |
(none on the first pass) |
15 |
- If all symbols are provided we are done |
16 |
- go through all libraries and remember what symbols they provide |
17 |
- go through all unresolved/needed symbols and mark them as used |
18 |
- for each library: |
19 |
- find pic file (if not present copy and strip the so) |
20 |
- compile in only used symbols |
21 |
- strip |
22 |
- back to the top |
23 |
|
24 |
Beber |
25 |
|
26 |
On 2013-03-25 08:01, Kfir Lavi wrote: |
27 |
> Hi, |
28 |
> I'm looking for a way to reduce glibc code size. |
29 |
> It can be a way to make system smaller and minimize the impact |
30 |
> of attack vectors in glibc, as in return-to-libc attack. |
31 |
> |
32 |
> Lets say I'm deleting the program 'mkdir', and mkdir uses a function |
33 |
> in glibc that non of the other parts of the system uses. |
34 |
> Then I want to eliminate this function from glibc. This leads to |
35 |
> smaller |
36 |
> code and if this function is used in some attack scenario, maybe |
37 |
> prevent it. |
38 |
> |
39 |
> Is there a way to do it? |
40 |
> Can you help me think how to build a tool like this? or, integrate |
41 |
> with existing tools. |
42 |
> |
43 |
> Thanks, |
44 |
> Kfir |