1.5.4 Ensure prelink is disabled (Scored)

Level 1 - Server 
Level 1 - Workstation

prelink is a program that modifies ELF shared libraries and ELF dynamically linked binaries in such a way that the time needed for the dynamic linker to perform relocations at startup significantly decreases.

The prelinking feature can interfere with the operation of AIDE, because it changes binaries. Prelinking can also increase the vulnerability of the system if a malicious user is able to compromise a common library such as libc.

Run the following command and verify prelink is not installed:

# dpkg -s prelink

Run the following command to restore binaries to normal:

# prelink -ua

Run the following command to uninstall prelink:

# apt-get remove prelink
  • ubuntu1604/1/5/4.txt
  • Last modified: 2017/05/02 16:04
  • by Piotr K┼éoczewski