[Pkg-utopia-maintainers] Bug#889900: policykit-1: write and execute memory regions

Laurent Bonnaud L.Bonnaud at laposte.net
Thu Feb 8 14:43:58 UTC 2018


Package: policykit-1
Version: 0.113-6
Severity: normal
Tags: security


Dear Maintainer,

the polkitd process runs with several memory zones with both write and execute permissions:

# grep rwxp /proc/$(pidof polkitd)/maps
7f2638828000-7f2638838000 rwxp 00000000 00:00 0
7f263884f000-7f263885f000 rwxp 00000000 00:00 0
7f2638880000-7f26388a0000 rwxp 00000000 00:00 0

This is a problem because in case of a bug in polkitd, it might be used to inject code into the process.

The same problem exists neither in Debian 9, nor in Ubuntu 17.10, nor in Fedora 27.  It seems specific to Debian experimental.


-- System Information:
Debian Release: buster/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unstable'), (1, 'experimental-debug'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 4.14.0-3-rt-amd64 (SMP w/2 CPU cores; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages policykit-1 depends on:
ii  adduser                3.117
ii  dbus                   1.12.2-1
ii  libc6                  2.27-0experimental0
ii  libexpat1              2.2.5-3
ii  libglib2.0-0           2.55.1-1
ii  libmozjs185-1.0        1.8.5-1.0.0+dfsg-7
ii  libnspr4               2:4.18-1
ii  libpam-systemd         237-1
ii  libpam0g               1.1.8-3.7
ii  libpolkit-agent-1-0    0.113-6
ii  libpolkit-gobject-1-0  0.113-6
ii  libsystemd0            237-1

policykit-1 recommends no packages.

policykit-1 suggests no packages.

-- Configuration Files:
/etc/polkit-1/rules.d/40-debian-sudo.rules [Errno 13] Permission denied: '/etc/polkit-1/rules.d/40-debian-sudo.rules'
/etc/polkit-1/rules.d/50-default.rules [Errno 13] Permission denied: '/etc/polkit-1/rules.d/50-default.rules'

-- no debconf information
-- 
Laurent.
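The check in the report (grep for rwxp in /proc/PID/maps) generalised into a small script that scans one maps file or every process on the host and counts writable-and-executable (W+X) mappings. This is an added example for this page, not code from the bug report or from the polkit project. The sample maps content is constructed: the three rwxp lines are the ones quoted in the report, the [stack] and [vdso] lines and their addresses are made up. The function names (wx_maps, wx_count, wx_scan_all) are this example's own.

```shell
#!/bin/sh
# Added example (not from the bug report): find mappings that are both writable and
# executable (W+X) in /proc/PID/maps, for one process or for every process on the host.
# A W+X region is the injection target the report describes: code written into it by a
# memory-corruption bug can be jumped to directly, with no mprotect() call needed.

# wx_maps FILE: print every W+X line of a maps file. Exit 1 if any was found, 0 if none.
# Field 2 of a maps line is the permission string (e.g. "rwxp"); matching "rwx" covers
# both private (p) and shared (s) mappings.
wx_maps() {
    awk '$2 ~ /^rwx/ { print; found = 1 } END { exit found ? 1 : 0 }' "$1"
}

# wx_count FILE: print the number of W+X mappings in a maps file (0 if none).
wx_count() {
    awk '$2 ~ /^rwx/ { n++ } END { print n + 0 }' "$1"
}

# wx_scan_all: print PID, command name and W+X count for every process whose maps
# file can be read. Reading another user's maps needs ptrace access, so unreadable
# processes are skipped; run as root for a complete picture.
wx_scan_all() {
    for m in /proc/[0-9]*/maps; do
        pid=${m#/proc/}; pid=${pid%/maps}
        n=$(wx_count "$m" 2>/dev/null) || continue
        [ "${n:-0}" -gt 0 ] || continue
        printf '%s\t%s\t%s\n' "$pid" "$(cat "/proc/$pid/comm" 2>/dev/null)" "$n"
    done
}

# Constructed sample input so the functions can be exercised offline: the three rwxp
# lines are those quoted in the report; the other lines and their addresses are made up.
SAMPLE_MAPS=$(mktemp)
CLEAN_MAPS=$(mktemp)
trap 'rm -f "$SAMPLE_MAPS" "$CLEAN_MAPS"' EXIT
cat > "$SAMPLE_MAPS" <<'EOF'
7f2638828000-7f2638838000 rwxp 00000000 00:00 0
7f263884f000-7f263885f000 rwxp 00000000 00:00 0
7f2638880000-7f26388a0000 rwxp 00000000 00:00 0
7ffd1a2b0000-7ffd1a2d1000 rw-p 00000000 00:00 0                          [stack]
7ffd1a3f4000-7ffd1a3f6000 r-xp 00000000 00:00 0                          [vdso]
EOF
cat > "$CLEAN_MAPS" <<'EOF'
7ffd1a2b0000-7ffd1a2d1000 rw-p 00000000 00:00 0                          [stack]
7ffd1a3f4000-7ffd1a3f6000 r-xp 00000000 00:00 0                          [vdso]
EOF

# On a live host: wx_scan_all, or wx_maps "/proc/$(pidof polkitd)/maps".
echo "W+X regions in constructed sample: $(wx_count "$SAMPLE_MAPS")"
```

Interpreting a hit needs care: JIT compilers (JavaScript engines included) legitimately create W+X pages unless configured not to, so the script only tells you where such regions are; whether they are acceptable for a privileged daemon like polkitd is the question the report raises.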
