[Dwarf-Discuss] security implications of DWARF info

travis+ml-dwarf at subspacefield.org travis+ml-dwarf at subspacefield.org
Tue Nov 23 17:32:24 PST 2010


Hey all,

Suppose you were a commercial software company and a big target for
attackers.

Suppose also that you were wanting to release some amount of
information so that third parties could classify crash dumps and
figure out if something is a new issue or not, between different
builds and versions.

What are the possible solutions?

1) Give out full DWARF info.
   I know that it gives symbol names &c, but is there other info that
   would pose a security risk?  I'm guessing so.  Will read full spec
   in good time, I suppose.

2) Give out obfuscated symbol names.
   How can you do this?  I'm mostly interested in munging human-readable
   names into meaningless ones (e.g. function2501) in .dSYM files.
   Can't find any tools for doing this easily.

   When doing this, how would I strip out all but what is necessary
   for symbolicating crash dumps?

3) Other options?
-- 
Good code works on most inputs; correct code works on all inputs.
My emails do not have attachments; it's a digital signature that your mail
program doesn't understand. | http://www.subspacefield.org/~travis/ 
If you are a spammer, please email john at subspacefield.org to get blacklisted.
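As an added illustration of option 2 (not code from the poster or from the DWARF project), the following sketch shows one way to produce "meaningless" symbol names that stay stable across builds: each real name is replaced by a keyed HMAC-derived alias, the alias-to-address map is what third parties receive, and the alias-to-name map stays in-house for re-symbolication. It operates on a constructed name-to-address table rather than on DWARF or .dSYM data directly; the symbol names, addresses and key are made-up placeholders.

```python
import hmac
import hashlib

# Constructed sample symbol table (name -> start address) standing in for what a
# build would export; names and addresses are made up for this example.
SYMBOLS = {
    "ParsePaymentRecord": 0x1000,
    "DecryptLicenseBlob": 0x1080,
    "main": 0x1200,
}
SECRET_KEY = b"per-product secret kept in-house"  # constructed placeholder

def obfuscate_name(name: str, key: bytes) -> str:
    """Keyed, deterministic rename: the same name yields the same alias in every
    build, so a third party can tell that a crash in v1.2 matches one in v1.3,
    while the key stops them recovering names by hashing likely identifiers."""
    tag = hmac.new(key, name.encode(), hashlib.sha256).hexdigest()[:12]
    return f"func_{tag}"

def build_maps(symbols: dict, key: bytes):
    """Split the table into a shippable map (alias -> address) and a private
    map (alias -> real name) that never leaves the company."""
    public, private = {}, {}
    for name, addr in symbols.items():
        alias = obfuscate_name(name, key)
        if alias in private:  # truncated tag: fail loudly rather than mis-attribute
            raise ValueError(f"alias collision: {name} vs {private[alias]}")
        public[alias] = addr
        private[alias] = name
    return public, private

def symbolicate(addresses, public: dict):
    """Attribute each frame address to the alias with the greatest start address
    not above it; this is all a third party can do with the public map."""
    starts = sorted((addr, alias) for alias, addr in public.items())
    frames = []
    for pc in addresses:
        hit = None
        for addr, alias in starts:
            if addr <= pc:
                hit = (alias, pc - addr)
        frames.append(f"{hit[0]}+0x{hit[1]:x}" if hit else f"0x{pc:x}")
    return frames

def deobfuscate(frames, private: dict):
    """In-house step: swap aliases back to real names via the private map."""
    out = []
    for frame in frames:
        alias, _, off = frame.partition("+")
        out.append(f"{private.get(alias, alias)}+{off}" if off else frame)
    return out
```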