Abstract | ||
---|---|---|
Dynamically linked libraries such as libssl, libxml or libpam are in widespread use in server applications. Fixes to these libraries are released frequently, with security critical ones being among them few times each year--for example, to fix remote code execution. Such updates require applications to restart to make the dynamic linker effectively load the fix into the application. This is challenged by uptime-sensitive services leading to delayed installation of security patches and long periods of vulnerability. Current approaches to hot fixing such services allow instant replacement of functions. We discuss that security critical updates also affect data and present an approach for dynamically updating code and data in stock dynamically linked libraries in ELF format on Linux. The approach does not require source code access nor is preparation of applications ahead-of-time necessary, for example by code instrumentation. It uses the debugging symbols of all involved dynamic shared objects only. |
Year | DOI | Venue |
---|---|---|
2016 | 10.1145/2984043.2989223 | SPLASH (Companion Volume) |
Keywords | Field | DocType |
Dynamic Software Updating, Shared Libraries | Hot swapping,Instrumentation (computer programming),Dynamic software updating,Computer science,Source code,Dynamic linker,Operating system,Vulnerability,Debugging | Conference |
Citations | PageRank | References |
0 | 0.34 | 3 |
Authors | ||
5 |
Name | Order | Citations | PageRank |
---|---|---|---|
Martin Alexander Neumann | 1 | 17 | 5.41 |
Christoph Tobias Bach | 2 | 0 | 0.68 |
Stefan Kratochwil | 3 | 0 | 0.34 |
Marcel Kost | 4 | 0 | 0.34 |
M. Beigl | 5 | 2034 | 311.09 |