[Mono-bugs] [Bug 641915] Security hole: Mono should not search current directory for DLLs

bugzilla_noreply at novell.com bugzilla_noreply at novell.com
Tue Sep 28 07:50:48 EDT 2010



--- Comment #6 from Richard Brooksby <rb at ravenbrook.com> 2010-09-28 11:50:47 UTC ---
Ah sorry Miguel, I didn't understand why the bug was closed if you could see
the problem.

Incidentally, I tried the same experiment with an assembly, and it doesn't
work.  This means that the documentation at
http://www.mono-project.com/DllNotFoundException is wrong!  It says:

  Mono will search for a library in three places:
  The current directory.
  In directories specified by the $LD_LIBRARY_PATH environment variable
  By querying the system's dynamic linker (ldconfig)'s cache (/etc/ld.so.cache)

Not true.  Here is the test:

$ echo 'using Stuff; class X { static void Main() { Stuff.Stuff.Go(); } }' >
$ echo 'namespace Stuff { public class Stuff { public static void Go() {
System.Console.WriteLine("hola"); }}}' > stuff.cs
$ gmcs -t:library stuff.cs
$ gmcs -r:stuff.dll main.cs
$ mono main.exe
$ mkdir hack
$ cd hack
$ echo 'namespace Stuff { public class Stuff { public static void Go() {
System.Console.WriteLine("hack"); }}}' > stuff.cs
$ gmcs -t:library stuff.cs
$ mono ../main.exe
$ rm ../stuff.dll
$ mono ../main.exe
** (../main.exe:6707): WARNING **: The following assembly referenced from
/Local/Users/rb/tmp/bug/main.exe could not be loaded:

So, mono is *not* searching the CWD for stuff.dll.  The evidence is that it is
searching the base path of the executable (i.e. ../)  That is far more secure. 
So perhaps this problem is only for DllImport.

In that case, the page at http://www.mono-project.com/DllNotFoundException
needs correcting.


Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug.
You are the assignee for the bug.

More information about the mono-bugs mailing list