[tor-dev] Torsocks 2.x issue - Need eyes on that

David Goulet dgoulet at ev0ke.net
Wed Oct 30 01:19:19 UTC 2013


On 29 Oct (16:41:02), Ian Goldberg wrote:
> On Tue, Oct 29, 2013 at 03:10:50PM -0400, David Goulet wrote:
> > That would work if there is a way I can "defer" the hijack of the
> > syscall symbol... Unfortunately, this is done at linking time thus
> > during run time, the syscall symbol is already hijacked by torsocks.
> > 
> > Let's say we don't try to lookup the syscall symbol, the issue is that the
> > original syscall libc pointer will NOT exist within torsocks code so we
> > can't handle calls to syscall() because we can't route it to libc. :S
> > 
> > It's really that we get in a kind of "infinite loop" where dlsym calls
> > syscall that calls dlsym and so on. But in the first place, we at least
> > need the libc syscall symbol so we can handle them.
> 
> Might it be possible to use objcopy tricks like --prefix-string or
> --redefine-sym to make the exported version of syscall different from
> the imported version?  Then the torsocks code could just call syscall()
> as a normal libc function, linked by ld.so, but when firefox called
> syscall, it would call torsocks's torsocks_syscall(), or something?

I've played a bit with objcopy and redefining dynamic symbols is not
possible. And a stripped binary makes things harder also...

Unless you know a way to do that, I'll check in another direction.

Big thanks Ian!
David

> 
>    - Ian