| 1 |
W dniu 30.03.2012 20:12, Ђорђе Тодоровић pisze: |
| 2 |
> On Thu, 29 Mar 2012, Sven Vermeulen wrote: |
| 3 |
> |
| 4 |
>> You can try to make it a valid ELF header first, and then paxmark it. |
| 5 |
>> |
| 6 |
>> I have the following for my Skype: |
| 7 |
>> paxctl -C /opt/skype/skype |
| 8 |
>> paxctl -me /opt/skype/skype |
| 9 |
> |
| 10 |
> I tried running paxctl -Cm on it (should be ran on install with |
| 11 |
> pax_kernel USE |
| 12 |
> flag), by it still reports an invalid ELF executable. |
| 13 |
> |
| 14 |
> This is listed in the ebuld: |
| 15 |
> |
| 16 |
> if use pax_kernel; then |
| 17 |
> pax-mark Cm "${D}"/opt/skype/skype || die |
| 18 |
> eqawarn "You have set USE=pax_kernel meaning that you intend to run" |
| 19 |
> eqawarn "skype under a PaX enabled kernel. To do so, we must modify" |
| 20 |
> eqawarn "the skype binary itself and this *may* lead to breakage! |
| 21 |
> If" |
| 22 |
> eqawarn "you suspect that skype is being broken by this |
| 23 |
> modification," |
| 24 |
> eqawarn "please open a bug." |
| 25 |
> fi |
| 26 |
> |
| 27 |
> BTW,I checked the skype changelog and this was added recently: |
| 28 |
> 29 Feb 2012; mthode <mthode@g.o> skype-2.2.0.35-r1.ebuild: |
| 29 |
> fix the paxmarking syntax |
| 30 |
> 28 Feb 2012; mthode <mthode@g.o> skype-2.2.0.35-r1.ebuild: |
| 31 |
> paxmarked m skype to work on hardened |
| 32 |
> |
| 33 |
> |
| 34 |
> But it somehow fails to complete on my machine when I try it manually. |
| 35 |
> I also just checked, my current profile is multilib (I said earlier |
| 36 |
> no-mulitlib) |
| 37 |
> |
| 38 |
> I seriously am not sure if it is of any help,but attached the ELF |
| 39 |
> header of the |
| 40 |
> skype executable (/opt/skype/skype) so maybe (IDK) someone can tell if |
| 41 |
> there is an obvious problem there. |
| 42 |
> file /opt/skype/skype says: |
| 43 |
> /opt/skype/skype: ELF 32-bit LSB executable, Intel 80386, version 1 |
| 44 |
> (SYSV), dynamically linked (uses shared libs), stripped |
| 45 |
> |
| 46 |
> |
| 47 |
|
| 48 |
Hi |
| 49 |
|
| 50 |
scanelf -x /opt/skype/skype |
| 51 |
TYPE PAX FILE |
| 52 |
ET_EXEC --mxe- /opt/skype/skype |
| 53 |
|
| 54 |
|
| 55 |
ls -l /opt/skype/skype |
| 56 |
-rwxr-xr-x 1 root root 21362552 03-01 11:22 /opt/skype/skype |
| 57 |
|
| 58 |
|
| 59 |
*Skype works fine on pax-kernel.* |
| 60 |
|
| 61 |
Linux localhost 3.3.0-gl1 #1 SMP PREEMPT Wed Mar 28 00:21:14 CEST |
| 62 |
2012 *x86_64* Intel(R) Core(TM)2 Duo CPU E6750 @ 2.66GHz |
| 63 |
GenuineIntel GNU/Linux |
| 64 |
|
| 65 |
|
| 66 |
My Pax configuration: |
| 67 |
|
| 68 |
* zgrep -i pax /proc/config.gz * |
| 69 |
# PaX |
| 70 |
CONFIG_PAX=y |
| 71 |
# PaX Control |
| 72 |
CONFIG_PAX_SOFTMODE=y |
| 73 |
CONFIG_PAX_EI_PAX=y |
| 74 |
CONFIG_PAX_PT_PAX_FLAGS=y |
| 75 |
# CONFIG_PAX_NO_ACL_FLAGS is not set |
| 76 |
CONFIG_PAX_HAVE_ACL_FLAGS=y |
| 77 |
# CONFIG_PAX_HOOK_ACL_FLAGS is not set |
| 78 |
CONFIG_PAX_NOEXEC=y |
| 79 |
CONFIG_PAX_PAGEEXEC=y |
| 80 |
CONFIG_PAX_EMUTRAMP=y |
| 81 |
CONFIG_PAX_MPROTECT=y |
| 82 |
CONFIG_PAX_MPROTECT_COMPAT=y |
| 83 |
CONFIG_PAX_ELFRELOCS=y |
| 84 |
CONFIG_PAX_KERNEXEC_PLUGIN_METHOD="" |
| 85 |
CONFIG_PAX_ASLR=y |
| 86 |
CONFIG_PAX_RANDKSTACK=y |
| 87 |
CONFIG_PAX_RANDUSTACK=y |
| 88 |
CONFIG_PAX_RANDMMAP=y |
| 89 |
CONFIG_PAX_MEMORY_STACKLEAK=y |
| 90 |
CONFIG_PAX_REFCOUNT=y |
| 91 |
CONFIG_PAX_USERCOPY=y |
| 92 |
|
| 93 |
|
| 94 |
*paxtest blackhat* |
| 95 |
PaXtest - Copyright(c) 2003,2004 by Peter Busser <peter@×××××××××.org> |
| 96 |
Released under the GNU Public Licence version 2 or later |
| 97 |
|
| 98 |
Writing output to paxtest.log |
| 99 |
It may take a while for the tests to complete |
| 100 |
Test results: |
| 101 |
PaXtest - Copyright(c) 2003,2004 by Peter Busser <peter@×××××××××.org> |
| 102 |
Released under the GNU Public Licence version 2 or later |
| 103 |
|
| 104 |
Mode: blackhat |
| 105 |
Linux localhost 3.3.0-gl1 #1 SMP PREEMPT Wed Mar 28 00:21:14 CEST |
| 106 |
2012 x86_64 Intel(R) Core(TM)2 Duo CPU E6750 @ 2.66GHz GenuineIntel |
| 107 |
GNU/Linux |
| 108 |
|
| 109 |
Executable anonymous mapping : Killed |
| 110 |
Executable bss : Killed |
| 111 |
Executable data : Killed |
| 112 |
Executable heap : Killed |
| 113 |
Executable stack : Killed |
| 114 |
Executable shared library bss : Killed |
| 115 |
Executable shared library data : Killed |
| 116 |
Executable anonymous mapping (mprotect) : Killed |
| 117 |
Executable bss (mprotect) : Killed |
| 118 |
Executable data (mprotect) : Killed |
| 119 |
Executable heap (mprotect) : Killed |
| 120 |
Executable stack (mprotect) : Killed |
| 121 |
Executable shared library bss (mprotect) : Killed |
| 122 |
Executable shared library data (mprotect): Killed |
| 123 |
Writable text segments : Killed |
| 124 |
Anonymous mapping randomisation test : 33 bits (guessed) |
| 125 |
Heap randomisation test (ET_EXEC) : 23 bits (guessed) |
| 126 |
Heap randomisation test (PIE) : 40 bits (guessed) |
| 127 |
Main executable randomisation (ET_EXEC) : No randomisation |
| 128 |
Main executable randomisation (PIE) : 32 bits (guessed) |
| 129 |
Shared library randomisation test : 33 bits (guessed) |
| 130 |
Stack randomisation test (SEGMEXEC) : 40 bits (guessed) |
| 131 |
Stack randomisation test (PAGEEXEC) : 40 bits (guessed) |
| 132 |
Return to function (strcpy) : paxtest: return address |
| 133 |
contains a NULL byte. |
| 134 |
Return to function (memcpy) : Killed |
| 135 |
Return to function (strcpy, PIE) : paxtest: return address |
| 136 |
contains a NULL byte. |
| 137 |
Return to function (memcpy, PIE) : Killed |
| 138 |
|
| 139 |
|
| 140 |
Cheers |
| 141 |
;) |
Archives