Red Hat Bugzilla – Bug 853164
setuid program should have full RELRO
Last modified: 2012-09-17 18:00:48 EDT
Description of problem:
Setuid/gid programs should have full RELRO support enabled for extra protection. Also, network-facing programs should have PIE flags enabled for new ASLR each run.
FILE              TYPE        RELRO    PIE
/usr/bin/chfn     setuid      partial  yes
/usr/bin/chsh     setuid      partial  yes
/usr/bin/logger   network-ip  partial  no
/usr/bin/mount    setuid      partial  yes
/usr/bin/umount   setuid      partial  yes
/usr/bin/write    setgid      partial  yes
You can use this program for testing:
util-linux-2.22-1.fc18 has been submitted as an update for Fedora 18.
(In reply to comment #0)
> FILE TYPE RELRO PIE
> /usr/bin/logger network-ip partial no
I don't see a reason to think of logger(1) as a security-sensitive program. It just writes to syslog (and yes, you can connect() to a remote server). IMHO it is overkill to PIE all programs like logger(1).
The spec file has been fixed, and BIND_NOW and GNU_RELRO are used for all suid programs (!= logger) in util-linux now. Thanks for the report.
And note that logger(1) only write()s to a network socket. It does not parse any input from the network.
It may be true that it only writes, but before that it has to do a DNS lookup and parse the results. You have to consider the DNS server to be malicious. While this is done by an underlying library, there is exposure. If you don't want to harden logger, we can skip it for now.
util-linux-2.22-1.fc18 has been pushed to the Fedora 18 stable repository. If problems still persist, please make note of it in this bug report.
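The RELRO and PIE columns in the report can be reproduced by reading a binary's ELF program headers and dynamic section. The following is an added example, not the test program the reporter referred to and not util-linux code: it reports "full" RELRO when a PT_GNU_RELRO segment is combined with BIND_NOW (the two settings named in the fix above). It assumes little-endian ELF64 and treats ET_DYN with a PT_INTERP segment as PIE; `hardening` and `sample_elf` are hypothetical names, and the sample images are constructed.

```python
import struct

PT_DYNAMIC, PT_INTERP, PT_GNU_RELRO = 2, 3, 0x6474E552
DT_BIND_NOW, DT_FLAGS, DT_FLAGS_1 = 24, 30, 0x6FFFFFFB
DF_BIND_NOW, DF_1_NOW = 0x8, 0x1
ET_EXEC, ET_DYN = 2, 3

def hardening(elf: bytes):
    """Return (relro, pie) for a little-endian ELF64 image."""
    if elf[:6] != b"\x7fELF\x02\x01":
        raise ValueError("not a little-endian ELF64 file")
    e_type, = struct.unpack_from("<H", elf, 16)
    e_phoff, = struct.unpack_from("<Q", elf, 32)
    e_phentsize, e_phnum = struct.unpack_from("<HH", elf, 54)
    has_relro = has_interp = bind_now = False
    for i in range(e_phnum):
        p_type, _, p_offset, _, _, p_filesz = struct.unpack_from(
            "<IIQQQQ", elf, e_phoff + i * e_phentsize)
        has_relro |= p_type == PT_GNU_RELRO
        has_interp |= p_type == PT_INTERP
        if p_type != PT_DYNAMIC:
            continue
        # Walk the 16-byte (d_tag, d_val) entries; any BIND_NOW marker counts.
        for off in range(p_offset, p_offset + p_filesz - 15, 16):
            d_tag, d_val = struct.unpack_from("<qQ", elf, off)
            if d_tag == 0:  # DT_NULL ends the dynamic section
                break
            bind_now |= (d_tag == DT_BIND_NOW
                         or (d_tag == DT_FLAGS and bool(d_val & DF_BIND_NOW))
                         or (d_tag == DT_FLAGS_1 and bool(d_val & DF_1_NOW)))
    relro = "full" if has_relro and bind_now else "partial" if has_relro else "none"
    # Assumption: ET_DYN plus an interpreter segment means a PIE executable.
    pie = "yes" if e_type == ET_DYN and has_interp else "no"
    return relro, pie

def sample_elf(e_type, seg_types, dyn_entries):
    """Constructed input: ELF header, program headers, then a dynamic section."""
    dyn = b"".join(struct.pack("<qQ", t, v) for t, v in [*dyn_entries, (0, 0)])
    dyn_off = 64 + 56 * (len(seg_types) + 1)
    ehdr = struct.pack("<6s10xHHIQQQIHHHHHH", b"\x7fELF\x02\x01", e_type, 62, 1,
                       0, 64, 0, 0, 64, 56, len(seg_types) + 1, 0, 0, 0)
    phdrs = b"".join(struct.pack("<II6Q", t, 0, 0, 0, 0, 0, 0, 0) for t in seg_types)
    phdrs += struct.pack("<II6Q", PT_DYNAMIC, 0, dyn_off, 0, 0, len(dyn), len(dyn), 0)
    return ehdr + phdrs + dyn

if __name__ == "__main__":
    segs = [PT_INTERP, PT_GNU_RELRO]
    print("without BIND_NOW:", hardening(sample_elf(ET_DYN, segs, [])))
    print("with BIND_NOW:   ", hardening(sample_elf(ET_DYN, segs, [(DT_FLAGS, DF_BIND_NOW)])))
```

To check an installed binary, pass its contents to `hardening`, for example `hardening(open("/usr/bin/mount", "rb").read())`.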