Security policies for GNU toolchain projects [LWN net] lwn.net - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from lwn.net Daily Mail and Mail on Sunday newspapers.
The Best Practices for OSS Developers working group is dedicated to raising awareness and education of secure code best practices for open source developers.
Qualys Security AdvisoryLooney Tunables: Local Privilege Escalation in the glibc's ld.so(CVE-2023-4911)========================================================================Contents========================================================================SummaryAnalysisProof of conceptExploitationAcknowledgmentsTimeline========================================================================Summary========================================================================The GNU C Library's dynamic loader "find[s] and load[s] the sharedobjects (shared libraries) needed by a program, prepare[s] the programto run, and then run[s] it" (man ld.so). The dynamic loader is extremelysecurity sensitive, because its code runs with elevated privileges whena local user
Open-source projects glibc and gnulib look to sever copyright ties with Free Software Foundation theregister.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from theregister.com Daily Mail and Mail on Sunday newspapers.