1 |
On Mon, May 27, 2013 at 4:09 PM, Bertrand Jacquin <beber@××××××××.net>wrote: |
2 |
|
3 |
> Hi, |
4 |
> |
5 |
> Finally, two months after your mail, I remembered a project I saw last |
6 |
> year (or so) that might stick your need. |
7 |
> |
8 |
> http://anonscm.debian.org/**gitweb/?p=d-i/mklibs.git<http://anonscm.debian.org/gitweb/?p=d-i/mklibs.git> |
9 |
> http://anonscm.debian.org/**gitweb/?p=d-i/mklibs.git;a=** |
10 |
> blob_plain;f=src/mklibs;h=**216b34c1cb221458cd0d26c6bd5c71** |
11 |
> 9c3bf94ab2;hb=HEAD<http://anonscm.debian.org/gitweb/?p=d-i/mklibs.git;a=blob_plain;f=src/mklibs;h=216b34c1cb221458cd0d26c6bd5c719c3bf94ab2;hb=HEAD> |
12 |
> |
13 |
> As describe, this tool : |
14 |
> |
15 |
> - Gather all unresolved symbols and libraries needed by the programs |
16 |
> and reduced libraries |
17 |
> - Gather all symbols provided by the already reduced libraries |
18 |
> (none on the first pass) |
19 |
> - If all symbols are provided we are done |
20 |
> - go through all libraries and remember what symbols they provide |
21 |
> - go through all unresolved/needed symbols and mark them as used |
22 |
> - for each library: |
23 |
> - find pic file (if not present copy and strip the so) |
24 |
> - compile in only used symbols |
25 |
> - strip |
26 |
> - back to the top |
27 |
> |
28 |
> Beber |
29 |
> |
30 |
> Thanks for your post. I really appreciate it. |
31 |
I'll take a deeper look on this project in the near future. |
32 |
|
33 |
Again thanks, |
34 |
Kfir |
35 |
|
36 |
|
37 |
> |
38 |
> On 2013-03-25 08:01, Kfir Lavi wrote: |
39 |
> |
40 |
>> Hi, |
41 |
>> I'm looking for a way to reduce glibc code size. |
42 |
>> It can be a way to make system smaller and minimize the impact |
43 |
>> of attack vectors in glibc, as in return-to-libc attack. |
44 |
>> |
45 |
>> Lets say I'm deleting the program 'mkdir', and mkdir uses a function |
46 |
>> in glibc that non of the other parts of the system uses. |
47 |
>> Then I want to eliminate this function from glibc. This leads to smaller |
48 |
>> code and if this function is used in some attack scenario, maybe prevent |
49 |
>> it. |
50 |
>> |
51 |
>> Is there a way to do it? |
52 |
>> Can you help me think how to build a tool like this? or, integrate |
53 |
>> with existing tools. |
54 |
>> |
55 |
>> Thanks, |
56 |
>> Kfir |
57 |
>> |
58 |
> |
59 |
> |