Debian Bug report logs -
#539807
needlessly executable stack
Reply or subscribe to this bug.
Toggle useless messages
Report forwarded
to debian-bugs-dist@lists.debian.org, Debian Mono Group <pkg-mono-group@lists.alioth.debian.org>:
Bug#539807; Package mono.
(Mon, 03 Aug 2009 18:03:04 GMT) (full text, mbox, link).
Acknowledgement sent
to Kees Cook <kees@debian.org>:
New Bug report received and forwarded. Copy sent to Debian Mono Group <pkg-mono-group@lists.alioth.debian.org>.
(Mon, 03 Aug 2009 18:03:04 GMT) (full text, mbox, link).
Message #5 received at submit@bugs.debian.org (full text, mbox, reply):
[Message part 1 (text/plain, inline)]
Package: mono
Version: 2.4+dfsg-6
Severity: normal
Tags: patch, security
User: ubuntu-devel@lists.ubuntu.com
Usertags: origin-ubuntu karmic ubuntu-patch
Hello! When running a kernel that handles non-executable memory
(PAE mode), it is preferred to have applications that do not have
an executable stack for security. The small attached patch fixes
this for mono.
https://bugzilla.novell.com/show_bug.cgi?id=439086
Thanks,
-Kees
--
Kees Cook @debian.org
[fix_execstack_asm.dpatch (text/plain, attachment)]
Information forwarded
to debian-bugs-dist@lists.debian.org, Debian Mono Group <pkg-mono-group@lists.alioth.debian.org>:
Bug#539807; Package mono.
(Thu, 06 Aug 2009 15:00:08 GMT) (full text, mbox, link).
Acknowledgement sent
to Kees Cook <kees@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian Mono Group <pkg-mono-group@lists.alioth.debian.org>.
(Thu, 06 Aug 2009 15:00:08 GMT) (full text, mbox, link).
Message #10 received at 539807@bugs.debian.org (full text, mbox, reply):
Sorry, I need to recommend against my patch. It seems to break the
debugger. :( I'd still like to see the exec stack issue fixed. Forcing
exec stack for all mono apps seems... unfun. ;)
$ echo 'class MainClass { static void Main() { System.Console.WriteLine("Hello World!"); } }' > hello.cs
$ gmcs hello.cs
$ ./hello.exe
Hello World!
$ mdb ./hello.exe
Mono Debugger
(mdb) run
Starting program: ./hello.exe
Cannot read symbol file `/usr/lib/mono/2.0/mscorlib.dll.mdb': Could not
find file "/usr/lib/mono/2.0/mscorlib.dll.mdb".
Cannot read symbol file `/home/kees/hello.exe.mdb': Could not find file
"/home/kees/hello.exe.mdb".
(mdb) Thread @1 received signal 11 at #0: 0xff87c909.
0xff87c909 push $0xff87c932
quit
The program is running. Exit anyway? (y or n) y
Thread @1 exited.
Process #1 exited.
Target exited.
A good run would be:
$ mdb ./hello.exe
Mono Debugger
(mdb) run
Starting program: ./hello.exe
Cannot read symbol file `/usr/lib/mono/2.0/mscorlib.dll.mdb': Could not
find file "/usr/lib/mono/2.0/mscorlib.dll.mdb".
Cannot read symbol file `/home/kees/hello.exe.mdb': Could not find file
"/home/kees/hello.exe.mdb".
Thread @1 stopped at #0: 0xf79bb2d6 in <MainClass:Main ()>+0x6 at 1.
1 IL_0000: ldstr
(mdb) cont
Hello World!
Thread @1 exited.
(mdb) Process #1 exited.
Target exited.
quit
--
Kees Cook @debian.org
Removed tag(s) patch.
Request was from Iain Lane <laney@ubuntu.com>
to control@bugs.debian.org.
(Fri, 10 Sep 2010 08:03:05 GMT) (full text, mbox, link).
Removed tag(s) security.
Request was from Moritz Muehlenhoff <jmm@inutil.org>
to control@bugs.debian.org.
(Wed, 29 Jan 2014 09:57:07 GMT) (full text, mbox, link).
Send a report that this bug log contains spam.
Debian bug tracking system administrator <owner@bugs.debian.org>.
Last modified:
Tue Jan 9 21:26:39 2018;
Machine Name:
buxtehude
Debian Bug tracking system
Debbugs is free software and licensed under the terms of the GNU
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.