Significant number of insecure packages
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
elementary OS | Expired | Undecided | Unassigned |
Bug Description
I use the word 'insecure' but I suppose that that's a matter of opinion. It's more a shorthand for "packages need to be compiled with security features enabled."
I've mentioned this before but never made a formal bug report.
elementaryOS does not compile any of its vala packages with basic security mitigation techniques. No stack canaries, partial RELRO, no PIE, etc. This should not be the case.
On top of that, there are many packages* that could be compiled with these basic mitigations. They provide significant security with very little (especially on 64-bit) performance or stability overhead.
*These are my running process stats, probably slightly better than a real elementaryOS system, which would have a few more non-PIE processes.
- 92 processes
- 71 no PIE (77%)
- 24 no canary found (26%)
- 74 partial RELRO (80%)
Some of those are SUID/root apps. Some are networked. Some aren't, but don't make the mistake of thinking that they aren't viable attack surface. I can guarantee you that there is a lot of value in exploiting even a basic userland application with no networking capabilities.
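A checker for the three properties the report counts (PIE, stack canary, RELRO), as an added example that is not part of the bug report or of elementary OS: it parses the ELF64 headers directly with the standard library and, because no real binary can be shipped with this page, includes a constructed synthetic ELF image so the checks can be exercised offline. The canary test is the same `__stack_chk_fail` string heuristic checksec uses.

```python
import struct, sys

ET_EXEC, ET_DYN, PT_DYNAMIC, PT_GNU_RELRO = 2, 3, 2, 0x6474E552     # elf.h values
DT_NULL, DT_BIND_NOW, DT_FLAGS, DT_FLAGS_1 = 0, 24, 30, 0x6FFFFFFB
DF_BIND_NOW, DF_1_NOW = 0x8, 0x1


def check_hardening(data: bytes) -> dict:
    """Report PIE, stack canary and RELRO state for a 64-bit little-endian ELF image."""
    if data[:4] != b"\x7fELF" or data[4] != 2 or data[5] != 1:
        raise ValueError("expected a 64-bit little-endian ELF file")
    e_type = struct.unpack_from("<H", data, 16)[0]
    e_phoff = struct.unpack_from("<Q", data, 32)[0]
    e_phentsize, e_phnum = struct.unpack_from("<HH", data, 54)
    has_relro = bind_now = False
    for i in range(e_phnum):
        p_type, _, p_off, _, _, p_filesz = struct.unpack_from(
            "<IIQQQQ", data, e_phoff + i * e_phentsize)
        if p_type == PT_GNU_RELRO:            # read-only relocation segment present
            has_relro = True
        elif p_type == PT_DYNAMIC:            # BIND_NOW on top of RELRO = full RELRO
            for off in range(p_off, p_off + p_filesz, 16):
                tag, val = struct.unpack_from("<qQ", data, off)
                if tag == DT_NULL:
                    break
                if tag == DT_BIND_NOW or (tag == DT_FLAGS and val & DF_BIND_NOW) \
                        or (tag == DT_FLAGS_1 and val & DF_1_NOW):
                    bind_now = True
    relro = "full" if has_relro and bind_now else "partial" if has_relro else "none"
    # Heuristic: code built with -fstack-protector imports __stack_chk_fail. A binary
    # with no protected frames does not import it, so "no canary" can be a false negative.
    return {"pie": e_type == ET_DYN, "canary": b"__stack_chk_fail" in data, "relro": relro}


def build_sample_elf(pie: bool, relro: bool, bind_now: bool, canary: bool) -> bytes:
    """Constructed minimal ELF64 image (headers only, not runnable) for offline testing."""
    types = [PT_DYNAMIC] + ([PT_GNU_RELRO] if relro else [])
    dyn_off = 64 + 56 * len(types)
    dyn = struct.pack("<qQqQ", DT_FLAGS, DF_BIND_NOW if bind_now else 0, DT_NULL, 0)
    ehdr = struct.pack("<4sBBBBB7xHHIQQQIHHHHHH", b"\x7fELF", 2, 1, 1, 0, 0,
                       ET_DYN if pie else ET_EXEC, 0x3E, 1, 0, 64, 0, 0,
                       64, 56, len(types), 64, 0, 0)
    phdrs = b"".join(struct.pack("<IIQQQQQQ", t, 6, dyn_off if t == PT_DYNAMIC else 0,
                                 0, 0, len(dyn) if t == PT_DYNAMIC else 0, 0, 8)
                     for t in types)
    return ehdr + phdrs + dyn + (b"__stack_chk_fail\0" if canary else b"\0")


if __name__ == "__main__":
    for path in sys.argv[1:]:          # usage: python3 check_hardening.py /path/to/binary ...
        print(path, check_hardening(open(path, "rb").read()))
```

Run it over the binaries of a package build to confirm `-fPIE -pie`, `-fstack-protector-strong` and `-Wl,-z,relro,-z,now` actually took effect, rather than trusting the build flags alone.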
Changed in elementaryos: status: New → Incomplete
Assigning shnatsel to see what his opinion on this matter is.