GNOME Bugzilla – Bug 335942
clock-applet executable stack (security best-practice failure)
Last modified: 2006-06-14 16:49:25 UTC
That bug has been described on https://launchpad.net/malone/bugs/34130

"lsmemmap.sh shows clock-applet has an executable stack on x86-64. This is a security best-practice failure: shellcode injection into the stack is possible now that it is executable. Note that in the case of clock-applet there is theoretically no way to elevate privileges and thus this is very minor.

task 5169 (/usr/lib/gnome-panel/clock-applet)
7fffffa56000-7fffffa6a000 rwxp 7fffffa56000 00:00 0 [stack]

Please note that this is not a security vulnerability; it is a failure to execute security best practices. By correcting this, certain real vulnerabilities will become difficult or impossible to exploit beyond basic denial of service.

The most likely cause of this is the use of gcc nested functions in clock-applet.

See also bug #34129 which has the script I used as an attachment.

Marking minor low priority, as this is basically not exploitable in theory. It would be nice to see this corrected but not practically important."
I've compiled the clock applet with -ansi -pedantic and there's no problem. Could it be evolution-data-server that has this problem?
This happens because of libgcrypt.so.11 having a set PT_GNU_STACK marking. I have noted in Ubuntu to correct this by building libgcrypt with --disable-asm.
Also fixable by building with assembly but putting a .note.GNU-stack in, as described on Ubuntu bug #49192.
closing as NOTGNOME since that's not a panel issue