Bug 155230

Summary: flash-plugin disables execshield in mozilla
Product: Red Hat Enterprise Linux 4 Reporter: Brian Stein <bstein>
Component: flash-pluginAssignee: Warren Togami <wtogami>
Status: CLOSED RAWHIDE QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: 4.0CC: bstevens, security-response-team
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2006-04-04 14:19:14 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 189808    

Description Arjan van de Ven 2005-04-18 09:37:07 UTC
Description of problem:


due to a mislabeling of the stack protections of the flash plugin, using this
plugin causes mozilla to run with executable stack and heap. Not Good(tm)

This is easy to fix (prelink has execstack program which can relabel .so files)
and I think it is important for us that the binary we ship has this done.

Comment 4 Warren Togami 2005-11-08 21:18:12 UTC
I am proposing that we use "execstack -c libflashplayer.so" in order to solve
this issue in addition to the 7.0.61 security errata coming soon in Bug #172731.
 I need to talk to Macromedia in order to confirm a license exemption in this
trivial modifcation of their binary.

Comment 5 Mark J. Cox 2005-11-18 11:23:10 UTC
We're promised this will be fixed upstream therefore removing the need to binary
modification.

Comment 6 Joachim Frieben 2005-12-17 16:22:31 UTC
Despite installing the RPM named "flash-plugin-7.0.61-1", flash support
is not available on a freshly installed rawhide system which is
apparently due to the executable stack protection.

Comment 7 Warren Togami 2005-12-18 06:40:09 UTC
Joachim, your issue is a separate issue where Flash Plugin internally uses text
relocation, which is bad.  Only Macromedia can solve this issue.


Comment 8 Warren Togami 2006-04-04 14:19:14 UTC
Fixed in flash-plugin-7.0.63+