> The alternative they present is arguably less secure because the function pointer will remain writable for the life of the process

The article mentions this, and also points to mprotect which you can use to protect the pointer.

Why people jump to criticize without reading first? BTW, you can ask an LLM to check your critique, before posting, if you don't want to read the text.

▲

IAmLiterallyAB 6 hours ago | parent [-]

Yes but at best their "solution" is equally secure, not any better.

▲

ordu 4 hours ago | parent | next [-]

They argue, and I tend to agree, that their solution is more secure.

1. It impiles some function pointers to be writable temporarily, not all of them.

2. It doesn't hide writable pointers from a cursory glance not familiar with IFUNC.

	▲	anarazel 3 hours ago \| parent [-]
		The GOT has to be initially writable regardless of ifunc, even with relro, to apply relocations.

▲

kstrauser 4 hours ago | parent | prev [-]

Would xz still have been able to alter opensshd without IFUNC?

	▲	rwmj 31 minutes ago \| parent [-]
		Yes, liblzma could have used multiple routes to take over sshd. Once you're running inside the process it's game over. The exact details, like how they used ifunc and an audit hook, are very interesting, but ultimately not that important.