分类: LINUX
2006-07-03 22:53:46
#include #include #define __USE_GNU #include #undef __USE_GNU #include /* init functions. */ void _init(void); /* export functions. */ pid_t fork(void); /* old functions. */ static pid_t (*old_fork)(void); void _init(void) { printf("libtest starting ...\n"); old_fork = dlsym(RTLD_NEXT, "fork"); if(!old_fork){ perror("can't find routine fork.\n"); return; } printf("libtest is initialed.\n"); } pid_t fork(void) { printf("calling fork ...\n"); return old_fork(); } |
$ gcc -c test.c -fPIC $ ld -o libtest.so -shared -lc -ldl test.o |
$ export LD_PRELOAD="./libtest.so" |
$ ls libtest starting ... libtest is initialed. |
#include #include int main(void) { int retval; retval = fork(); if(retval == 0){ printf("I am child.\n"); }else if(retval > 0){ printf("I am parent.\n"); }else{ perror("fork"); } return retval; } |
$ ./a.out libtest starting ... libtest is initialed. calling fork ... I am child. I am parent. |
$ ls -l /bin/passwd libtest starting ... libtest is initialed. -rws--x--x 1 root root 29384 06-17 08:22 /bin/passwd $ /bin/passwd Changing password for xiaosuo (current) UNIX password: passwd:Authentication token manipulation error |
1617 /* We have two ways to specify objects to preload: via environment 1618 variable and via the file /etc/ld.so.preload. The latter can also 1619 be used when security is enabled. */ 1620 assert (*first_preload == NULL); 1621 struct link_map **preloads = NULL; 1622 unsigned int npreloads = 0; 1623 1624 if (__builtin_expect (preloadlist != NULL, 0)) 1625 { 1626 /* The LD_PRELOAD environment variable gives list of libraries 1627 separated by white space or colons that are loaded before the 1628 executable's dependencies and prepended to the global scope 1629 list. If the binary is running setuid all elements 1630 containing a '/' are ignored since it is insecure. */ 1631 char *list = strdupa (preloadlist); 1632 char *p; |