[Bug 1747711] Re: file mis-identifies modern executables as application/x-sharedlib
Brian Murray
brian at ubuntu.com
Fri Feb 16 20:01:54 UTC 2018
It is also an issue on bionic:
$ schroot -u root -c bionic-amd64
(bionic-amd64)root at impulse:/tmp# echo "int main() { return 0; }" > foo.c
(bionic-amd64)root at impulse:/tmp# gcc -o foo foo.c
(bionic-amd64)root at impulse:/tmp# file foo
foo: ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 3.2.0, BuildID[sha1]=5222fe7f5f12ee8d286b84f93c981cab98ad382a, not stripped
But not on xenial:
$ schroot -u root -c xenial-amd64
(xenial-amd64)root at impulse:/tmp# echo "int main() { return 0; }" > foo.c
(xenial-amd64)root at impulse:/tmp# gcc -o foo foo.c
(xenial-amd64)root at impulse:/tmp# file foo
foo: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 2.6.32, BuildID[sha1]=5a079b5be569b3e0527b9685f1c7811fb193d37c, not stripped
Using gcc from xenial and file from bionic though the file is identified
as an executable so I don't think its file.
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to file in Ubuntu.
https://bugs.launchpad.net/bugs/1747711
Title:
file mis-identifies modern executables as application/x-sharedlib
Status in file package in Ubuntu:
New
Bug description:
file doesn't recognize modern PIE (Position Independent Executable)
x86 executables as such, reporting them as “application/x-sharedlib”.
Consequently, only non-PIE executables can be opened in graphical file
managers such as nautilus. This may cause a minor (?) security risk if
a commonly-published workaround is attempted.
Expected behaviour:
$ echo "int main() { return 0; }" > foo.c
$ gcc -o foo foo.c
$ file foo
foo: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 3.2.0, BuildID[sha1]=6e7749f995a89a53f74ec29d3c16fcf3f56be90f, not stripped
$ file --mime-type foo
foo: application/x-executable
Actual behaviour:
$ echo "int main() { return 0; }" > foo.c
$ gcc -o foo foo.c
$ file foo
foo: ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 3.2.0, BuildID[sha1]=6e7749f995a89a53f74ec29d3c16fcf3f56be90f, not stripped
$ file --mime-type foo
foo: application/x-sharedlib
Workaround (unsafe?):
$ echo "int main() { return 0; }" > foo.c
$ gcc -o foo-nopie foo.c -no-pie
$ file foo-nopie
foo-nopie: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 3.2.0, BuildID[sha1]=3eb8c581f43c19997e3c828f5a9730dbdc794470, not stripped
$ file --mime-type foo-nopie
foo-nopie: application/x-executable
gcc now defaults to building with PIE enabled for security reasons.
Also affects: nautilus (and likely other graphical file managers like
those on Lubuntu) - because nautilus uses mime-type to determine if a
file is executable, double-click to run a program no longer works.
Also noted on: Gnome Bugs -
https://bugzilla.gnome.org/show_bug.cgi?id=737849 (2014) - before PIE
became the default build option.
This may be an upstream issue. This may not affect architectures
outside x86.*
ProblemType: Bug
DistroRelease: Ubuntu 17.10
Package: file 1:5.32-1
ProcVersionSignature: Ubuntu 4.13.0-32.35-generic 4.13.13
Uname: Linux 4.13.0-32-generic x86_64
ApportVersion: 2.20.7-0ubuntu3.7
Architecture: amd64
CurrentDesktop: GNOME
Date: Tue Feb 6 11:21:20 2018
InstallationDate: Installed on 2017-05-11 (270 days ago)
InstallationMedia: Ubuntu-GNOME 17.04 "Zesty Zapus" - Release amd64 (20170412)
SourcePackage: file
UpgradeStatus: Upgraded to artful on 2017-10-21 (108 days ago)
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/file/+bug/1747711/+subscriptions
More information about the foundations-bugs
mailing list