[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [Libguestfs] [PATCH] Add a test for an executable stack in libguestfs.so



On Wed, Aug 05, 2009 at 11:45:02AM +0100, Matthew Booth wrote:
> I've updated the patch. It's now in regressions, and checks both
> libguestfs.so and the guest daemon. It occurs to me that it's the
> daemon that's would get an executable stack from the specific patch
> I posted the other day. However, would this actually matter
> specifically for the daemon?

Duh yes, you're right.  I was checking the wrong executable.

$ readelf -l daemon/guestfsd
[...]
  GNU_STACK      0x0000000000000000 0x0000000000000000 0x0000000000000000
                 0x0000000000000000 0x0000000000000000  RWE    8

So your patch *does* make the daemon stack executable.

Does it matter for the daemon?  Probably yes.  We should avoid
allowing code to be injected into the appliance.  For example if there
was a malicious string which was passed into libguestfs from user
input, then the additional stack guards would be our last line of
defence.

Also rpmlint will give a warning about this.

NAK I'm afraid.  However just hoisting those functions out so they are
not nested should make it OK.  Don't forget the other two things I
raised in the original review.

Rich.

-- 
Richard Jones, Emerging Technologies, Red Hat  http://et.redhat.com/~rjones
virt-top is 'top' for virtual machines.  Tiny program with many
powerful monitoring features, net stats, disk stats, logging, etc.
http://et.redhat.com/~rjones/virt-top


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]