grsecurity forums

Skip to content

fonts on desktop and secure execute patch

Discuss usability issues, general maintenance, and general support issues for a grsecurity-enabled system.
Topic locked

fonts on desktop and secure execute patch

Postby Raf256 » Thu Oct 13, 2005 1:25 pm

I keep getting:

Code: Select all
[4313829.681000] grsec: denied untrusted exec of /usr/local/share/fonts/verdanai.ttf by /usr/lib/opera/8.02-20050727.1/opera[opera:1777] uid/euid:2560/2560 gid/egid:2560/2560, parent /usr/bin/kdeinit[kdesktop:11229] uid/euid:2560/2560 gid/egid:2560/2560

[4313840.029000] grsec: denied untrusted exec of /usr/local/share/fonts/arial.ttf by /usr/lib/opera/8.02-20050727.1/opera[opera:1777] uid/euid:2560/2560 gid/egid:2560/2560, parent /usr/bin/kdeinit[kdesktop:11229] uid/euid:2560/2560 gid/egid:2560/2560

[4313840.098000] grsec: denied untrusted exec of /usr/local/share/fonts/verdana.ttf by /usr/lib/opera/8.02-20050727.1/opera[opera:1777] uid/euid:2560/2560 gid/egid:2560/2560, parent /usr/bin/kdeinit[kdesktop:11229] uid/euid:2560/2560 gid/egid:2560/2560

[4313841.199000] grsec: denied untrusted exec of /usr/local/share/fonts/verdanai.ttf by /usr/lib/opera/8.02-20050727.1/opera[opera:1777] uid/euid:2560/2560 gid/egid:2560/2560, parent /usr/bin/kdeinit[kdesktop:11229] uid/euid:2560/2560 gid/egid:2560/2560



and so on, from meany programs including Opera, DialogBlocks, and others.

How to fix it?
2.6.13.2 + Spender's patch for it
Raf256
 
Posts: 72
Joined: Mon Sep 19, 2005 8:38 pm
Top

Re: fonts on desktop and secure execute patch

Postby PaX Team » Thu Oct 13, 2005 1:42 pm

Raf256 wrote:I keep getting:

Code: Select all
[4313841.199000] grsec: denied untrusted exec of /usr/local/share/fonts/verdanai.ttf by /usr/lib/opera/8.02-20050727.1/opera[opera:1777] uid/euid:2560/2560 gid/egid:2560/2560, parent /usr/bin/kdeinit[kdesktop:11229] uid/euid:2560/2560 gid/egid:2560/2560



and so on, from meany programs including Opera, DialogBlocks, and others.

How to fix it?
2.6.13.2 + Spender's patch for it
probably a library is trying to mmap verdanai.ttf with PROT_EXEC rights, you have to debug it to find out the culprit and then let upstream know that font files are not supposed to be executed.
PaX Team
 
Posts: 2310
Joined: Mon Mar 18, 2002 4:35 pm
Top

Postby Raf256 » Fri Oct 14, 2005 9:05 am

As for Opera, it had been apparently fixed in 8.02 --> 8.50
For the other programs, I will inform authors.

Can I somehow check is the problem rather caused by the program itself, or by one of library it uses?
Raf256
 
Posts: 72
Joined: Mon Sep 19, 2005 8:38 pm
Top

Postby PaX Team » Fri Oct 14, 2005 11:48 am

Raf256 wrote:As for Opera, it had been apparently fixed in 8.02 --> 8.50
For the other programs, I will inform authors.

Can I somehow check is the problem rather caused by the program itself, or by one of library it uses?
yes you can, but it requires debugging with gdb (you have break on the mmap(PROT_EXEC) call then examine the stack backtrace to see who initiated it).
PaX Team
 
Posts: 2310
Joined: Mon Mar 18, 2002 4:35 pm
Top
Topic locked

Return to grsecurity support

Powered by phpBB® Forum Software © phpBB Group