Hi,
Finally, two months after your mail, I remembered a project I saw last year (or so) that might stick your need.
http://anonscm.debian.org/gitweb/?p=d-i/mklibs.git
http://anonscm.debian.org/gitweb/?p=d-i/mklibs.git;a=blob_plain;f=src/mklibs;h=216b34c1cb221458cd0d26c6bd5c719c3bf94ab2;hb=HEAD
As describe, this tool :
- Gather all unresolved symbols and libraries needed by the programs
and reduced libraries
- Gather all symbols provided by the already reduced libraries
(none on the first pass)
- If all symbols are provided we are done
- go through all libraries and remember what symbols they provide
- go through all unresolved/needed symbols and mark them as used
- for each library:
- find pic file (if not present copy and strip the so)
- compile in only used symbols
- strip
- back to the top
Beber
On 2013-03-25 08:01, Kfir Lavi wrote:
Hi,
I'm looking for a way to reduce glibc code size.
It can be a way to make system smaller and minimize the impact
of attack vectors in glibc, as in return-to-libc attack.
Lets say I'm deleting the program 'mkdir', and mkdir uses a function
in glibc that non of the other parts of the system uses.
Then I want to eliminate this function from glibc. This leads to smaller
code and if this function is used in some attack scenario, maybe prevent it.
Is there a way to do it?
Can you help me think how to build a tool like this? or, integrate
with existing tools.
Thanks,
Kfir