| 1 |
On Mon, May 27, 2013 at 4:09 PM, Bertrand Jacquin <beber@××××××××.net>wrote: |
| 2 |
|
| 3 |
> Hi, |
| 4 |
> |
| 5 |
> Finally, two months after your mail, I remembered a project I saw last |
| 6 |
> year (or so) that might stick your need. |
| 7 |
> |
| 8 |
> http://anonscm.debian.org/**gitweb/?p=d-i/mklibs.git<http://anonscm.debian.org/gitweb/?p=d-i/mklibs.git> |
| 9 |
> http://anonscm.debian.org/**gitweb/?p=d-i/mklibs.git;a=** |
| 10 |
> blob_plain;f=src/mklibs;h=**216b34c1cb221458cd0d26c6bd5c71** |
| 11 |
> 9c3bf94ab2;hb=HEAD<http://anonscm.debian.org/gitweb/?p=d-i/mklibs.git;a=blob_plain;f=src/mklibs;h=216b34c1cb221458cd0d26c6bd5c719c3bf94ab2;hb=HEAD> |
| 12 |
> |
| 13 |
> As describe, this tool : |
| 14 |
> |
| 15 |
> - Gather all unresolved symbols and libraries needed by the programs |
| 16 |
> and reduced libraries |
| 17 |
> - Gather all symbols provided by the already reduced libraries |
| 18 |
> (none on the first pass) |
| 19 |
> - If all symbols are provided we are done |
| 20 |
> - go through all libraries and remember what symbols they provide |
| 21 |
> - go through all unresolved/needed symbols and mark them as used |
| 22 |
> - for each library: |
| 23 |
> - find pic file (if not present copy and strip the so) |
| 24 |
> - compile in only used symbols |
| 25 |
> - strip |
| 26 |
> - back to the top |
| 27 |
> |
| 28 |
> Beber |
| 29 |
> |
| 30 |
> Thanks for your post. I really appreciate it. |
| 31 |
I'll take a deeper look on this project in the near future. |
| 32 |
|
| 33 |
Again thanks, |
| 34 |
Kfir |
| 35 |
|
| 36 |
|
| 37 |
> |
| 38 |
> On 2013-03-25 08:01, Kfir Lavi wrote: |
| 39 |
> |
| 40 |
>> Hi, |
| 41 |
>> I'm looking for a way to reduce glibc code size. |
| 42 |
>> It can be a way to make system smaller and minimize the impact |
| 43 |
>> of attack vectors in glibc, as in return-to-libc attack. |
| 44 |
>> |
| 45 |
>> Lets say I'm deleting the program 'mkdir', and mkdir uses a function |
| 46 |
>> in glibc that non of the other parts of the system uses. |
| 47 |
>> Then I want to eliminate this function from glibc. This leads to smaller |
| 48 |
>> code and if this function is used in some attack scenario, maybe prevent |
| 49 |
>> it. |
| 50 |
>> |
| 51 |
>> Is there a way to do it? |
| 52 |
>> Can you help me think how to build a tool like this? or, integrate |
| 53 |
>> with existing tools. |
| 54 |
>> |
| 55 |
>> Thanks, |
| 56 |
>> Kfir |
| 57 |
>> |
| 58 |
> |
| 59 |
> |
Archives