260:
165:
63:
22:
528:
the address space of higher privileged processes. Local access may commonly be gained by shell accounts or Web server accounts that allow the use of CGI scripts, which may read and output any file on the system. Directory traversal vulnerabilities can be used by attackers without accounts if CGI script vulnerabilities are available.
413:
While dynamic linking has advantages in code size and management, there are drawbacks as well. Every time a program is run, the loader needs to resolve (find) the relevant libraries. Since libraries move around in memory, there is a performance penalty for resolution. This penalty increases for each
527:
By reading a shared library file such as libc, an attacker with local access can discover the load address of libc in every other application on the system. Since most programs link to libc, the libc library file always has to be readable; any attacker with local access may gather information about
450:
Prebinding has changed a few times within the Mac OS X series. Before 10.2, prebinding only happened during the installation procedure (the aforementioned "Optimizing" stage). From 10.2 through 10.3 the OS checked for prebinding at launch time for applications, and the first time an application ran
531:
Because prelink is often run periodically, typically every two weeks, the address of any given library has a chance of changing over time. prelink is often used in an incremental mode in which already prelinked libraries are not altered unless absolutely necessary, so a library may not change its
519:
As stated, prelink and per-process library address randomization cannot be used in conjunction. In order to avoid completely removing this security enhancement, prelink supplies its own randomization; however, this does not help a general information leak caused by prelink. Attackers with the
451:
it would be prebound, making subsequent launches faster. This could also be manually run, which some OS-level installs did. In 10.4, only OS libraries were prebound. In 10.5 and later, Apple replaced prebinding with a
532:
base address when prelink is re-run. This gives any address derived a half-life of the period in which prelink is run. Also note that if a new version of the library is installed, the addresses change.
417:
Prelinking reduces this penalty by resolving libraries in advance. Afterward, resolution only occurs if the libraries have changed since being prelinked, such as following perhaps an upgrade.
520:
ability to read certain arbitrary files on the target system can discover where libraries are loaded in privileged daemons; often libc is enough as it is the most common library used in
516:(ASLR) for libraries cannot be used in conjunction with prelink without defeating the purpose of prelink and forcing the dynamic linker to perform relocations at program load time.
84:
77:
479:
650:
577:
internally. Specifically when checkpointing a program on one host, and trying to restart on a different host, the restarted program may fail with a
842:"Speed up application load time in Ubuntu Linux Hardy Heron using prelink: HOWTO and benchmarks (mention in ubuntuforums/original link is dead)"
512:
attack harder to perform because the addresses are unique to that system. The reason prelink does this is because kernel facilities supplying
508:
When run with the "-R" option, prelink will randomly select the address base where libraries are loaded. This selection makes a
175:
565:
904:
899:
590:
513:
324:
233:
127:
361:
343:
146:
49:
296:
205:
99:
536:
744:
487:
303:
281:
212:
190:
106:
894:
620:
496:
Performance results have been mixed, but it seems to aid systems with a large number of libraries, such as
310:
219:
113:
544:
447:
performs prebinding in the "Optimizing" stage of installing system software or certain applications.
790:
292:
201:
95:
540:
277:
35:
721:
386:, is a method for optimizing application load times by resolving library symbols prior to launch.
270:
73:
560:
777:
521:
811:: prelink ELF shared libraries and binaries to speed up startup time –
700:
8:
595:
605:
600:
403:
402:
to execute. These libraries are normally integrated with the program at run time by a
834:
825:
456:
317:
226:
120:
475:
395:
841:
688:
856:
407:
186:
909:
625:
509:
399:
888:
830:
759:
669:
472:
821:
41:
581:
due to differences in host-specific library memory address randomization.
610:
433:
630:
490:
426:
806:
375:
259:
164:
62:
871:
816:
615:
578:
444:
570:
483:
551:
programs be built PIE to facilitate a more secure environment.
430:
812:
548:
452:
497:
182:
284:. Unsourced material may be challenged and removed.
869:
459:mechanism, which provided better OS performance.
886:
559:Occasionally, prelinking can cause issues with
467:On Linux, prelinking is accomplished via the
191:introducing citations to additional sources
670:"ELF Prelinking and what it can do for you"
50:Learn how and when to remove these messages
722:"segfault when resuming on different host"
872:"Prelink and Address Space Randomization"
362:Learn how and when to remove this message
344:Learn how and when to remove this message
147:Learn how and when to remove this message
503:
181:Relevant discussion may be found on the
815:Administration and Privileged Commands
757:
414:additional library needing resolution.
398:consist of code that requires external
887:
719:
667:
83:Please improve this article by adding
854:
839:
282:adding citations to reliable sources
253:
158:
56:
15:
651:"Manual Page for update_prebinding"
569:, as well as other libraries (like
13:
751:
547:, and recommends that network and
514:address space layout randomization
14:
921:
870:John Richard Moser (2006-07-05).
798:
31:This article has multiple issues.
537:position independent executables
258:
174:relies largely or entirely on a
163:
61:
20:
269:needs additional citations for
39:or discuss these issues on the
713:
693:
682:
661:
643:
535:Jakub Jelínek points out that
1:
758:Jelínek, Jakub (2004-03-04).
636:
389:
85:secondary or tertiary sources
857:"Gentoo Linux Prelink Guide"
855:Jones, Stefan (2007-04-02).
840:Riis, Quintin (2008-06-15).
668:Crasta, James (2004-05-17).
7:
720:Hursey, Josh (2011-12-29).
584:
563:and restart libraries like
539:(PIE) ignore prelinking on
439:
10:
926:
905:Memory management software
655:Apple Developer Connection
900:Preloading and prebinding
554:
420:
541:Red Hat Enterprise Linux
462:
785:Cite journal requires
745:A detailed explanation
561:application checkpoint
522:return-to-libc attacks
406:, in a process called
72:relies excessively on
657:. Apple Computer Inc.
504:prelink randomization
895:Free system software
278:improve this article
187:improve this article
596:Library (computing)
606:Loader (computing)
601:Linker (computing)
822:Official releases
396:computer programs
372:
371:
364:
354:
353:
346:
328:
252:
251:
237:
157:
156:
149:
131:
54:
917:
881:
879:
878:
866:
864:
863:
851:
849:
848:
810:
809:
794:
788:
783:
781:
773:
771:
770:
764:
737:
736:
734:
733:
717:
711:
710:
708:
707:
697:
691:
686:
680:
679:
677:
676:
665:
659:
658:
647:
576:
568:
400:shared libraries
367:
360:
349:
342:
338:
335:
329:
327:
286:
262:
254:
247:
244:
238:
236:
195:
167:
159:
152:
145:
141:
138:
132:
130:
89:
65:
57:
46:
24:
23:
16:
925:
924:
920:
919:
918:
916:
915:
914:
885:
884:
876:
874:
861:
859:
846:
844:
805:
804:
801:
786:
784:
775:
774:
768:
766:
762:
754:
752:Further reading
741:
740:
731:
729:
718:
714:
705:
703:
699:
698:
694:
687:
683:
674:
672:
666:
662:
649:
648:
644:
639:
591:Dynamic binding
587:
574:
564:
557:
506:
465:
442:
423:
408:dynamic linking
392:
368:
357:
356:
355:
350:
339:
333:
330:
287:
285:
275:
263:
248:
242:
239:
196:
194:
180:
168:
153:
142:
136:
133:
90:
88:
82:
78:primary sources
66:
25:
21:
12:
11:
5:
923:
913:
912:
907:
902:
897:
883:
882:
867:
852:
837:
828:
819:
800:
799:External links
797:
796:
795:
787:|journal=
753:
750:
749:
748:
739:
738:
728:(Mailing list)
712:
692:
681:
660:
641:
640:
638:
635:
634:
633:
628:
626:Static library
623:
618:
613:
608:
603:
598:
593:
586:
583:
556:
553:
510:return-to-libc
505:
502:
464:
461:
441:
438:
425:Mac OS stores
422:
419:
391:
388:
382:, also called
370:
369:
352:
351:
266:
264:
257:
250:
249:
185:. Please help
171:
169:
162:
155:
154:
69:
67:
60:
55:
29:
28:
26:
19:
9:
6:
4:
3:
2:
922:
911:
908:
906:
903:
901:
898:
896:
893:
892:
890:
873:
868:
858:
853:
843:
838:
836:
835:prelink-cross
832:
831:Yocto Project
829:
827:
826:Jakub Jelínek
823:
820:
818:
814:
808:
803:
802:
792:
779:
761:
756:
755:
747:of prebinding
746:
743:
742:
727:
726:OpenMPI Users
723:
716:
702:
696:
690:
685:
671:
664:
656:
652:
646:
642:
632:
629:
627:
624:
622:
619:
617:
614:
612:
609:
607:
604:
602:
599:
597:
594:
592:
589:
588:
582:
580:
572:
567:
562:
552:
550:
546:
542:
538:
533:
529:
525:
523:
517:
515:
511:
501:
499:
494:
492:
489:
485:
481:
480:Jakub Jelínek
477:
474:
470:
460:
458:
454:
448:
446:
437:
435:
432:
428:
418:
415:
411:
409:
405:
401:
397:
387:
385:
381:
377:
366:
363:
348:
345:
337:
326:
323:
319:
316:
312:
309:
305:
302:
298:
295: –
294:
290:
289:Find sources:
283:
279:
273:
272:
267:This article
265:
261:
256:
255:
246:
235:
232:
228:
225:
221:
218:
214:
211:
207:
204: –
203:
199:
198:Find sources:
192:
188:
184:
178:
177:
176:single source
172:This article
170:
166:
161:
160:
151:
148:
140:
129:
126:
122:
119:
115:
112:
108:
105:
101:
98: –
97:
93:
92:Find sources:
86:
80:
79:
75:
70:This article
68:
64:
59:
58:
53:
51:
44:
43:
38:
37:
32:
27:
18:
17:
875:. Retrieved
860:. Retrieved
845:. Retrieved
778:cite journal
767:. Retrieved
730:. Retrieved
725:
715:
704:. Retrieved
695:
684:
673:. Retrieved
663:
654:
645:
558:
534:
530:
526:
518:
507:
495:
468:
466:
449:
443:
424:
416:
412:
393:
383:
379:
373:
358:
340:
331:
321:
314:
307:
300:
288:
276:Please help
271:verification
268:
240:
230:
223:
216:
209:
197:
173:
143:
134:
124:
117:
110:
103:
91:
71:
47:
40:
34:
33:Please help
30:
765:. Draft 0.7
611:Object file
573:) that use
478:written by
471:program, a
434:file format
427:executables
889:Categories
877:2006-07-13
862:2006-05-10
847:2008-08-22
807:prelink(8)
769:2006-07-14
732:2012-01-05
706:2012-01-05
701:"BLCR FAQ"
675:2006-05-10
637:References
631:Prefetcher
621:Relocation
390:Background
384:prelinking
380:prebinding
334:March 2010
304:newspapers
243:April 2010
213:newspapers
137:March 2011
107:newspapers
74:references
36:improve it
760:"Prelink"
376:computing
293:"Prelink"
202:"Prelink"
183:talk page
96:"Prelink"
42:talk page
616:Rebasing
585:See also
579:segfault
491:binaries
445:Mac OS X
440:Mac OS X
571:OpenMPI
484:Red Hat
476:program
469:prelink
455:shared
429:in the
318:scholar
227:scholar
121:scholar
817:Manual
555:Issues
545:Fedora
431:Mach-O
421:Mac OS
404:loader
320:
313:
306:
299:
291:
229:
222:
215:
208:
200:
123:
116:
109:
102:
94:
910:MacOS
833:fork
813:Linux
763:(PDF)
463:Linux
457:cache
394:Most
325:JSTOR
311:books
234:JSTOR
220:books
128:JSTOR
114:books
791:help
689:blcr
575:blcr
566:blcr
549:SUID
543:and
486:for
473:free
453:dyld
297:news
206:news
100:news
824:by
498:KDE
488:ELF
482:of
374:In
280:by
189:by
76:to
891::
782::
780:}}
776:{{
724:.
653:.
524:.
500:.
493:.
436:.
410:.
378:,
87:.
45:.
880:.
865:.
850:.
793:)
789:(
772:.
735:.
709:.
678:.
365:)
359:(
347:)
341:(
336:)
332:(
322:·
315:·
308:·
301:·
274:.
245:)
241:(
231:·
224:·
217:·
210:·
193:.
179:.
150:)
144:(
139:)
135:(
125:·
118:·
111:·
104:·
81:.
52:)
48:(
Text is available under the Creative Commons Attribution-ShareAlike License. Additional terms may apply.
