[Dwarf-Discuss] security implications of DWARF info

James Oakley James.M.H.Oakley at Dartmouth.edu
Tue Nov 23 17:43:44 PST 2010


 >     I know that it gives symbol names&c, but is there other info that
 >     would pose a security risk?  I'm guessing so.  Will read full spec
 >     in good time, I suppose.

How would it pose a security risk? Or do you mean would it aid reverse 
engineers, thereby posing a risk to your intellectual property?

 >     How can you do this?  I'm mostly interested in munging human-readable
 >     names into meaningless ones (e.g. function2501) in .dSYM files.
 >     Can't find any tools for doing this easily.

I don't think this is the correct list for this question, but why don't you 
just hash all of your symbol names and replace the names in the strtab (or 
equivalent, I'm not familiar with dSYM or with development on Darwin/OS X in 
general) with their hashes?

On 11/23/2010 08:32 PM, travis+ml-dwarf at subspacefield.org wrote:
> Hey all,
>
> Suppose you were a commercial software company and a big target for
> attackers.
>
> Suppose also that you were wanting to release some amount of
> information so that third parties could classify crash dumps and
> figure out if something is a new issue or not, between different
> builds and versions.
>
> What are the possible solutions?
>
> 1) Give out full DWARF info.
>     I know that it gives symbol names&c, but is there other info that
>     would pose a security risk?  I'm guessing so.  Will read full spec
>     in good time, I suppose.
>
> 2) Give out obfuscated symbol names.
>     How can you do this?  I'm mostly interested in munging human-readable
>     names into meaningless ones (e.g. function2501) in .dSYM files.
>     Can't find any tools for doing this easily.
>
>     When doing this, how would I strip out all but what is necessary
>     for symbolicating crash dumps?
>
> 3) Other options?
>
>
>
> _______________________________________________
> Dwarf-Discuss mailing list
> Dwarf-Discuss at lists.dwarfstd.org
> http://lists.dwarfstd.org/listinfo.cgi/dwarf-discuss-dwarfstd.org
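
An added example (not part of the original message, and not code from any DWARF or dSYM tool) of the hash-and-replace idea suggested in the reply, applied to a constructed ELF-style NUL-terminated string table. It assumes a keyed hash (HMAC-SHA256) instead of a plain one, so that guessable names cannot be recovered by hashing a list of candidates; the function names, the `fn_` prefix, the key and the sample table are all hypothetical.

```python
import hashlib
import hmac

def pseudonym(name: bytes, key: bytes, digits: int = 16) -> bytes:
    # Keyed and deterministic: the same key and name give the same alias in
    # every build, so crash signatures stay comparable across versions.
    tag = hmac.new(key, name, hashlib.sha256).hexdigest()[:digits]
    return b"fn_" + tag.encode("ascii")

def read_cstr(strtab: bytes, off: int) -> bytes:
    # Names are NUL-terminated; an offset may point into the middle of a
    # longer string (suffix sharing), so always read from the offset itself.
    return strtab[off:strtab.index(b"\x00", off)]

def rewrite_strtab(strtab: bytes, name_offsets, key: bytes):
    """Return (new_strtab, old->new offset map, private alias->name map)."""
    new = bytearray(b"\x00")   # offset 0 remains the empty name
    remap, placed, reverse = {0: 0}, {}, {}
    for off in sorted(set(name_offsets)):
        name = read_cstr(strtab, off)
        if not name:
            remap[off] = 0
            continue
        alias = pseudonym(name, key)
        # Truncated tags can collide; fail loudly instead of merging symbols.
        if reverse.setdefault(alias, name) != name:
            raise ValueError("alias collision, increase digits")
        if alias not in placed:
            placed[alias] = len(new)
            new += alias + b"\x00"
        remap[off] = placed[alias]
    return bytes(new), remap, reverse

# Constructed sample: a tiny string table and the name offsets a symbol
# table would hold (hypothetical names, including one shared suffix).
SAMPLE_STRTAB = b"\x00main\x00parse_license_key\x00check_auth\x00"
SAMPLE_OFFSETS = [SAMPLE_STRTAB.index(n) for n in
                  (b"main", b"parse_license_key", b"check_auth", b"auth")]
SAMPLE_KEY = b"constructed-demo-key"   # placeholder; a real key stays private

if __name__ == "__main__":
    table, remap, reverse = rewrite_strtab(SAMPLE_STRTAB, SAMPLE_OFFSETS, SAMPLE_KEY)
    for off in SAMPLE_OFFSETS:
        alias = read_cstr(table, remap[off])
        print(off, "->", remap[off], alias.decode(), "=", reverse[alias].decode())
```

The rewritten table and offset map are what would be released; the alias-to-name map (or the key plus the original names) stays with the vendor for turning third-party reports back into real symbols.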
