Bug#445595: Let's fix this for Lenny
russell at coker.com.au
Sun Aug 10 10:43:08 UTC 2008
This is a two line patch that makes no actual code changes (it just changes
the labelling of the shared object header). The result of this change is the
same as running "execstack -c" on the shared object.
This patch improves system security. Without it any program that links to
that shared object (or any shared object that depends on it) will run with an
For example here is the difference in output between "paxtest kiddie"
and "LD_PRELOAD=/usr/lib/libsmpeg-0.4.so.0 paxtest kiddie":
< Executable stack : Killed
> Executable stack : Vulnerable
While it seems unlikely that someone would use LD_PRELOAD in such a manner in
any realistic attack situation, it is a good demonstration of the result of
having the shared object in question linked to the executable.
With my patch applied the result is that the "Executable stack" test gives a
result of "Killed". NB paxtest is an i386 only package, but I believe that
the same result applies to AMD64.
It would be quite embarrassing if Lenny was vulnerable to a security problem
because of this with the patch in the BTS for almost a year.
Would you like me to NMU it?
More information about the Pkg-sdl-maintainers