➜
This issue tracker has been migrated to GitHub,
and is currently read-only.
For more information,
see the GitHub FAQs in the Python's Developer Guide.
Created on 2020-01-14 18:25 by hpawdjit, last changed 2022-04-11 14:59 by admin. This issue is now closed.
| Messages (2) | |||
|---|---|---|---|
| msg359986 - (view) | Author: Jason Culligan (hpawdjit) | Date: 2020-01-14 18:25 | |
The python3.6 binary supplied in Ubuntu distros is not compiled with Position Independent Code (PIE) protection enabled. Python2 does. Is this not seen as a problem? Example 1: (checksec) ============ FILE: /usr/bin/python2 RELRO: Full RELRO STACK CANARY: Canary found NX: NX enabled PIE: PIE enabled <<< RPATH: No RPATH RUNPATH: No RUNPATH Symbols: No Symbols FORTIFY: Yes Fortified: 14 Fortifiable: 32 FILE: /usr/bin/python3.6 RELRO: Partial RELRO <<< ISSUE >>> STACK CANARY: Canary found NX: NX enabled PIE: No PIE <<< ISSUE >>> RPATH: No RPATH RUNPATH: No RUNPATH Symbols: No Symbols FORTIFY: Yes Fortified: 18 Fortifiable: 42 Example 2: ============ $ hardening-check /usr/bin/python2 /usr/bin/python2: Position Independent Executable: yes Stack protected: yes Fortify Source functions: yes (some protected functions found) Read-only relocations: yes Immediate binding: yes $ hardening-check /usr/bin/python3.6 /usr/bin/python3.6: Position Independent Executable: no, normal executable! Stack protected: yes Fortify Source functions: yes (some protected functions found) Read-only relocations: yes Immediate binding: no, not found! |
|||
| msg359987 - (view) | Author: Benjamin Peterson (benjamin.peterson) *  |
Date: 2020-01-14 18:29 | |
You should take it up on the Ubuntu issue tracker. |
|||
| History | |||
|---|---|---|---|
| Date | User | Action | Args |
| 2022-04-11 14:59:25 | admin | set | github: 83513 |
| 2020-01-14 18:29:23 | benjamin.peterson | set | status: open -> closed nosy: + benjamin.peterson messages: + msg359987 resolution: third party stage: resolved |
| 2020-01-14 18:25:50 | hpawdjit | create | |