Bug 155230 - flash-plugin disables execshield in mozilla
flash-plugin disables execshield in mozilla
Status: CLOSED RAWHIDE
Product: Red Hat Enterprise Linux 4
Classification: Red Hat
Component: flash-plugin (Show other bugs)
4.0
All Linux
medium Severity medium
: ---
: ---
Assigned To: Warren Togami
: Security
Depends On:
Blocks: flash_el4
  Show dependency treegraph
 
Reported: 2005-04-18 05:37 EDT by Brian Stein
Modified: 2013-03-01 00:14 EST (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-04-04 10:19:14 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Arjan van de Ven 2005-04-18 05:37:07 EDT
Description of problem:


due to a mislabeling of the stack protections of the flash plugin, using this
plugin causes mozilla to run with executable stack and heap. Not Good(tm)

This is easy to fix (prelink has execstack program which can relabel .so files)
and I think it is important for us that the binary we ship has this done.
Comment 4 Warren Togami 2005-11-08 16:18:12 EST
I am proposing that we use "execstack -c libflashplayer.so" in order to solve
this issue in addition to the 7.0.61 security errata coming soon in Bug #172731.
 I need to talk to Macromedia in order to confirm a license exemption in this
trivial modifcation of their binary.
Comment 5 Mark J. Cox (Product Security) 2005-11-18 06:23:10 EST
We're promised this will be fixed upstream therefore removing the need to binary
modification.
Comment 6 Joachim Frieben 2005-12-17 11:22:31 EST
Despite installing the RPM named "flash-plugin-7.0.61-1", flash support
is not available on a freshly installed rawhide system which is
apparently due to the executable stack protection.
Comment 7 Warren Togami 2005-12-18 01:40:09 EST
Joachim, your issue is a separate issue where Flash Plugin internally uses text
relocation, which is bad.  Only Macromedia can solve this issue.
Comment 8 Warren Togami 2006-04-04 10:19:14 EDT
Fixed in flash-plugin-7.0.63+

Note You need to log in before you can comment on or make changes to this bug.