[Bug 13750] New: Thunar unable to recognize executables due to ASLR

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

[Bug 13750] New: Thunar unable to recognize executables due to ASLR

bugzilla-daemon
https://bugzilla.xfce.org/show_bug.cgi?id=13750

            Bug ID: 13750
           Summary: Thunar unable to recognize executables due to ASLR
    Classification: Xfce Core
           Product: Thunar
           Version: 1.6.12
          Hardware: PC (x86_64)
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: Medium
         Component: General
          Assignee: [hidden email]
          Reporter: [hidden email]
        QA Contact: [hidden email]
                CC: [hidden email], [hidden email]
  Target Milestone: 1.8.0

ASLR(address space layout randomization) appears to be apart of "kernel
hardening" and seems to have been in the "pipeline" for some time.
See link - linux audit:
https://linux-audit.com/linux-aslr-and-kernelrandomize_va_space-setting/

As a result, any executable built on a computer will be done with the linking
flag "-PIE" or Positional Independent Executable by default.

fedora info indicates this was made default in F23:
https://fedoraproject.org/wiki/Security_Features?rd=Security/Features#Exec-Shield

ubuntu info states default established in 17.10:
https://wiki.ubuntu.com/Security/Features#Built_as_PIE

debian info has been set going forward:
https://wiki.debian.org/Hardening#DEB_BUILD_HARDENING_PIE_.28gcc.2Fg.2B-.2B-_-fPIE_-pie.29

Linux kernel made the flag available as of ver 4.4.26:
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.26

This changes the behaviour of how "file" reports the mime type of an
executable. By extension, this affects how Thunar will handle that executable
when the user attempts to execute what is thought to be an application. An
application built with the "-PIE" flag will be seen as a
"application/x-sharedlib" mime type unless the user explicitly uses the
"-nopie" link flag. When attempting to open the application, Thunar will ask
the user what application to use - even though it's an application.

Personally, I think this is "security theatre" and "security by obfuscation",
but this is what the kernel boffins have come out with.
However,  the problem remains...

Thunar does not recognize nor respond as expected when attempting access
Positional Independent Executable's.

--
You are receiving this mail because:
You are the assignee for the bug.
_______________________________________________
Xfce-bugs mailing list
[hidden email]
https://mail.xfce.org/mailman/listinfo/xfce-bugs
Loading...