Ubuntu
file package

  1. Bug #1747711
  2. Comment #3

Comment 3 for bug 1747711

Revision history for this message
Kees Cook (kees) wrote :

This is (sort of) a bug in file. The problem is not being able to distinguish between shared objects and PIE binaries. (The latter have INTERP ELF sections and can be run directly.)

$ readelf -l /bin/true
...
Elf file type is EXEC (Executable file)
...
  INTERP 0x0000000000000238 0x0000000000400238 0x0000000000400238
                 0x000000000000001c 0x000000000000001c R 1
      [Requesting program interpreter: /lib64/ld-linux-x86-64.so.2]
...

$ readelf -l /usr/lib/x86_64-linux-gnu/libmagic.so.1.0.0
...
Elf file type is DYN (Shared object file)
...[no INTERP]...

$ readelf -l /usr/bin/ssh
...
Elf file type is DYN (Shared object file)
...
  INTERP 0x0000000000000238 0x0000000000000238 0x0000000000000238
                 0x000000000000001c 0x000000000000001c R 1
      [Requesting program interpreter: /lib64/ld-linux-x86-64.so.2]

So for mime types to distinguish, "file" needs to grow reporting of the INTERP presence.

This has become an issue in bionic due to PIE-by-default.