https://bugs.kde.org/show_bug.cgi?id=407496
Bug ID: 407496
Summary: many KDE processes have rwx memory mappings
Product: frameworks-kded
Version: 5.57.0
Platform: Neon Packages
OS: Linux
Status: REPORTED
Severity: normal
Priority: NOR
Component: general
Assignee: fa...@kde.org
Reporter: l.bonn...@laposte.net
CC: kdelibs-b...@kde.org
Target Milestone: ---
SUMMARY
As a defense against machine code injection against buffer overflow bugs, most
Linux distributions have worked over the years to remove as many rwx memory
mappings as possible in processes.
I checked this on several of my systems and unfortunately I found that many KDE
processes do have rwx memory mappings.
I chose to report this bug against the kded package because it is one of the
most fundamental affected KDE process I found. However the problem seems to be
more general in KDE. I apologize in advance for not finding a better software
package to report this problem.
STEPS TO REPRODUCE
1. Log in Plasma
2. Run the following command:
$ grep rwx /proc/$(pidof kded5)/maps
OBSERVED RESULT
$ grep rwx /proc/$(pidof kded5)/maps
7f68d7c2a000-7f68d7c3a000 rwxp 00000000 00:00 0
EXPECTED RESULT
No output
SOFTWARE/OS VERSIONS
Linux: KDE neon updated today
KDE Plasma Version: 5.15.5+p18.04+git20190510.0013-0
KDE Frameworks Version: 5.58.0+p18.04+git20190510.1522-0
Qt Version: 5.12.0+dfsg-0+xneon+18.04+bionic+build56
ADDITIONAL INFORMATION
I observe similar problems in Kubuntu.
--
You are receiving this mail because:
You are watching all bug changes.
