Date: Sat, 6 Dec 2014 01:44:31 +0100
From: Hanno Böck <hanno@...eck.de>
To: oss-security@...ts.openwall.com
Subject: Re: Offset2lib: bypassing full ASLR on 64bit Linux

On Fri, 05 Dec 2014 17:43:44 -0500
Daniel Kahn Gillmor <dkg@...thhorseman.net> wrote:

> i couldn't find a reference to this in the nautilus bugtracker, so i
> just posted:
>
> https://bugzilla.gnome.org/show_bug.cgi?id=741183

I tried to dig into this a bit. I'm not really sure, but based on the
output I assume nautilus is relying on file or libmagic to assess the
file type.

And that's what fails:

$ file --mime-type pie
pie: application/x-sharedlib

It seems there is no really easy way to separate executables from
shared libraries and whether this should be considered a bug in
file/libmagic. The only thing I quickly found that would be possible is
searching if a SONAME is present. libmagic uses some "magic" file
format to parse files, I don't know if that's capable of such complex
parsing.

(oh, btw, this is one more reason to wipe out potential security bugs
in file...)

-- 
Hanno Böck
http://hboeck.de/

mail/jabber: hanno@...eck.de
GPG: BBB51E42