Bug 407496

Summary: many KDE processes have rwx memory mappings
Product: [Frameworks and Libraries] frameworks-kded
Component: general
Reporter: Laurent Bonnaud <L.Bonnaud>
Assignee: David Faure <faure>
Status: RESOLVED UPSTREAM
Severity: normal
Priority: NOR
CC: kdelibs-bugs, nate
Version: 5.57.0
Target Milestone: ---
Platform: Neon
OS: Linux
Latest Commit:
Version Fixed In:
Sentry Crash Report:

Description Laurent Bonnaud 2019-05-13 14:08:36 UTC
SUMMARY

As a defense against machine code injection against buffer overflow bugs, most Linux distributions have worked over the years to remove as many rwx memory mappings as possible in processes.

I checked this on several of my systems and unfortunately I found that many KDE processes do have rwx memory mappings.

I chose to report this bug against the kded package because it is one of the most fundamental affected KDE processes I found. However the problem seems to be more general in KDE. I apologize in advance for not finding a better software package to report this problem.


STEPS TO REPRODUCE
1. Log in to Plasma
2. Run the following command:

$ grep rwx /proc/$(pidof kded5)/maps

OBSERVED RESULT

$ grep rwx /proc/$(pidof kded5)/maps
7f68d7c2a000-7f68d7c3a000 rwxp 00000000 00:00 0 

EXPECTED RESULT

No output

SOFTWARE/OS VERSIONS
Linux: KDE neon updated today
KDE Plasma Version: 5.15.5+p18.04+git20190510.0013-0
KDE Frameworks Version: 5.58.0+p18.04+git20190510.1522-0
Qt Version: 5.12.0+dfsg-0+xneon+18.04+bionic+build56

ADDITIONAL INFORMATION

I observe similar problems in Kubuntu.

Comment 1 Christoph Feck 2019-05-13 20:07:51 UTC
Cannot reproduce on openSUSE Krypton.

> ps ax | grep 'kded5 \[kdeinit5\]'
 1168 ?        Sl     0:45 kded5 [kdeinit5]
> cat /proc/1168/maps | grep rwx
(no output)

I guess it is distribution specific.

Comment 2 Nate Graham 2019-05-13 20:48:41 UTC
I also see correct permissions in Manjaro, an Arch-based distro. So it does indeed look distro-specific.

Since you see this problem in both Neon and Kubuntu, then the issue is specific to Ubuntu-based distros, or even Debian-based distros. So I would report it upstream to them. Thanks!
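
A stricter form of the `grep rwx` check used in this report, added here as an example (it is not part of the bug report or of any KDE code): it tests the permission field of each `/proc/<pid>/maps` line instead of the whole line, so a file path that happens to contain "rwx" is not counted, and it can survey every process the current user can read. The names `wx_mappings` and `scan_all` and the `--all` argument are made up for this example.

```shell
#!/bin/sh
# Added example: report memory mappings that are both writable and executable.

# wx_mappings FILE
# FILE holds text in /proc/<pid>/maps format. Prints one line per mapping whose
# permission field has both 'w' and 'x': "<range> <perms> <size>KiB <backing>".
# The body runs in a subshell, so its variables stay local in plain POSIX sh.
wx_mappings() (
    while read -r range perms offset dev inode path; do
        case $perms in
            *w*x*) ;;          # field order is fixed: r, w, x, then p or s
            *) continue ;;
        esac
        start=${range%-*}
        end=${range#*-}
        printf '%s %s %dKiB %s\n' "$range" "$perms" \
            $(( (0x$end - 0x$start) / 1024 )) "${path:-[anon]}"
    done < "$1"
)

# scan_all
# Runs wx_mappings over every process whose maps file can be read and prints a
# header with the process name and pid above each group of findings.
scan_all() (
    for maps in /proc/[0-9]*/maps; do
        [ -r "$maps" ] || continue
        # A process may exit between the glob and the read; skip it quietly.
        out=$(wx_mappings "$maps" 2>/dev/null) || continue
        [ -n "$out" ] || continue
        pid=${maps#/proc/}
        pid=${pid%/maps}
        name=$(cat "/proc/$pid/comm" 2>/dev/null)
        printf '== %s (pid %s)\n%s\n' "${name:-?}" "$pid" "$out"
    done
)

# Stand-alone use: "sh wxscan.sh --all" surveys the running system.
if [ "${1:-}" = "--all" ]; then
    scan_all
fi
```

An anonymous mapping such as the one in the observed result shows up with `[anon]` as its backing, which is the detail to include when reporting the problem to a distribution.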