[File] v5.34 - Shared libraries detected as PIE executable
Christos Zoulas
christos at zoulas.com
Fri Feb 1 17:59:24 UTC 2019
On Jan 31, 10:19am, petr.hruska at nokia.com ("Hruska, Petr (Nokia - CZ/Prague)") wrote:
-- Subject: [File] v5.34 - Shared libraries detected as PIE executable
| Hello,
|
| After introduction 5.34 file version, we have problem with rpmbuild functio=
| nality, where rpmbuild scripts as example [2] are dependent on file command=
| output. Problem is identical to reported issue https://bugs.astron.com/vie=
| w.php?id=3D28. "0000028: file reports a dynamically linked library as ELF 3=
| 2-bit LSB pie executable instead of ELF 32-bit LSB shared object". Which wa=
| s closed as not relevant.
|
| Currently with 5.34 version. Shared libraries with executable permissions a=
| re identified as LSB pie executable irrespectively if PIE flag was used or=
| not during compilation. Unfortunately executable permission is set by gcc.=
| And historically shared libraries exec permission was required by some sys=
| tems. As suggested, problem can be workaround by build scripts, but it will=
| required big effort.
|
| I would say that that PIE shared executable, should be compiled as position=
| independent executable. And not only have executable permission. Good refe=
| rence could be hardening-check script (included in hardening-check fedora p=
| ackage), where similar checks is done.
|
| Please see following example program outputs. Do you think that with provid=
| ed evidence I can fill new bug issue or original issue can be re-opened?
Thanks. I've fixed the detection now, and I've added unit-tests in file-tests.
Best,
christos
More information about the File
mailing list