Hello, can someone please take a look at the:
https://bugs.documentfoundation.org/show_bug.cgi?id=115486 Description: https://stackoverflow.com/questions/48631646/why-does-libreoffice-wants-memory-pages-to-be-writable-and-executable-in-the-sam OpenBSD has great features for Memory protection, ex.: W^X. https://en.wikipedia.org/wiki/W^X https://man.openbsd.org/mount We can disable this function with the "wxallowed" mount point if a program needs it, and sadly, LibreOffice needs the wxallowed on /usr/local/. See example here: https://unix.stackexchange.com/questions/411405/libreoffice-soffice-oosplash-start-permission-denied-error Steps to Reproduce: 1. Use a secure OS that can help security audits, ex.: OpenBSD 2. Remove the wxallowed flag from /usr/local to enable the W^X enforcing, reboot 3. LibreOffice cannot start anymore, because it requires writable and executable memory pages in the same time, see Wiki link, why is this dangerous: https://en.wikipedia.org/wiki/W%5EX Actual Results: LibreOffice is prone to memory bugs if it needs writable/executable memory pages Expected Results: LibreOffice should run even with the remove wxallowed mount option. Reproducible: Always User Profile Reset: No Additional Info: This is a security issue, please fix it with higher prio. Additional help from the forums: I'm not really sure but my guess is that LibreOffice is doing some dynamic runtime linking of a shared object and it's mapping the whole address space using one syscall with PROT_READ|PROT_WRITE|PROT_EXEC or alternatively PROT_ALL which i have already seen somewhere on github. – Karim Manaouil @KarimManaouil Probably here: https://github.com/LibreOffice/core/blob/b7c5ddcdd05ceba73acb1a298500892d6157f360/bridges/source/cpp_uno/shared/vtablefactory.cxx It creates anonymous mapping with RWX access. – Ivan _______________________________________________ LibreOffice mailing list LibreOffice@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/libreoffice
