Bug 155230 - flash-plugin disables execshield in mozilla
Summary: flash-plugin disables execshield in mozilla
Keywords:
Status: CLOSED RAWHIDE
Alias: None
Product: Red Hat Enterprise Linux 4
Classification: Red Hat
Component: flash-plugin
Version: 4.0
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
: ---
Assignee: Warren Togami
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks: flash_el4
TreeView+ depends on / blocked
 
Reported: 2005-04-18 09:37 UTC by Brian Stein
Modified: 2013-03-01 05:14 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2006-04-04 14:19:14 UTC
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)

Description Arjan van de Ven 2005-04-18 09:37:07 UTC
Description of problem:


due to a mislabeling of the stack protections of the flash plugin, using this
plugin causes mozilla to run with executable stack and heap. Not Good(tm)

This is easy to fix (prelink has execstack program which can relabel .so files)
and I think it is important for us that the binary we ship has this done.

Comment 4 Warren Togami 2005-11-08 21:18:12 UTC
I am proposing that we use "execstack -c libflashplayer.so" in order to solve
this issue in addition to the 7.0.61 security errata coming soon in Bug #172731.
 I need to talk to Macromedia in order to confirm a license exemption in this
trivial modifcation of their binary.

Comment 5 Mark J. Cox 2005-11-18 11:23:10 UTC
We're promised this will be fixed upstream therefore removing the need to binary
modification.

Comment 6 Joachim Frieben 2005-12-17 16:22:31 UTC
Despite installing the RPM named "flash-plugin-7.0.61-1", flash support
is not available on a freshly installed rawhide system which is
apparently due to the executable stack protection.

Comment 7 Warren Togami 2005-12-18 06:40:09 UTC
Joachim, your issue is a separate issue where Flash Plugin internally uses text
relocation, which is bad.  Only Macromedia can solve this issue.


Comment 8 Warren Togami 2006-04-04 14:19:14 UTC
Fixed in flash-plugin-7.0.63+


Note You need to log in before you can comment on or make changes to this bug.