Landry Breuil <lan...@openbsd.org> wrote: > I have to admit that now that we move towards unveil, dlopen() feels awkward, > especially with the version number hardcoded. I dont want to hardcode > libsndio.so.7.0 in the unveil config... and i dunno if having > /usr/lib/libsndio.so would work.
Yes, it should make you feel uncomfortable. dlopen() will also put you in a position of needing pledge "prot_exec", so ld.so can PROT_EXEC the loaded text segments. Of course there's few things an attacker wants as much as a fully operational mprotect system call to rop-pivot through. There are no programs trying to act this way in base, and the other major pledge/unveil program in ports are organized to avoid late dlopen().
