Dear Auditors,

the checksec script available at https://github.com/slimm609/checksec.sh is able to scan an ELF through scanelf/readelf and report the hardening and/or the security status. If the check goes well it is printed green, otherwise it is red.

While scanning some file provided by openrc, it prints the error about RUNPATH:

    # sh checksec --file /bin/rc-status
    RELRO           STACK CANARY      NX            PIE      RPATH      RUNPATH   FORTIFY  Fortified  Fortifiable  FILE
    Partial RELRO   No canary found   NX enabled    No PIE   No RPATH   RUNPATH   No       0          4            /bin/rc-status

The runpath issue comes up if the following contents exist:

    # readelf -d /bin/rc-status | grep runpath
    0x000000000000001d (RUNPATH) Library runpath: [/lib64]

When I tried to scan other executables, I didn't get anything. I didn't investigate deeply; can you clarify if this is something that we can report?

CC'ing the hardened team in case they know something about it.

Seems to affect 0.43.5-r1, but not 0.44.10.

    /var/db/repos/gentoo/sys-apps/openrc # readelf -d /var/tmp/portage/sys-apps/openrc-0.44.10/image/bin/rc-status | grep runpath
    /var/db/repos/gentoo/sys-apps/openrc # readelf -d /var/tmp/portage/sys-apps/openrc-0.43.5-r1/image/bin/rc-status | grep runpath
    0x000000000000001d (RUNPATH) Library runpath: [/lib64]
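
One way to triage a RUNPATH finding like the one above, as an added example that is not part of the original report or of checksec: the dynamic loader searches RUNPATH directories before the default library directories, so the check looks at what each listed component resolves to and whether it is world-writable. The function names and the LOW/REVIEW/RISKY labels are assumptions of this example, and the second sample line is constructed.

```sh
#!/bin/sh
# Added example: triage RPATH/RUNPATH entries found in `readelf -d` output.
# Verdict labels (LOW/REVIEW/RISKY) are this example's own, not checksec's.

# Print a verdict for one search-path component ($1).
classify_entry() {
    case "$1" in
        "") echo "RISKY: empty component, resolves to the current directory" ;;
        *'$ORIGIN'*|*'${ORIGIN}'*)
            echo "REVIEW: resolved relative to the directory holding the binary" ;;
        /*)
            # "$1/." follows a symlinked directory such as a merged-usr /lib64.
            # Character 9 of the mode string is the "other" write bit.
            case "$(ls -ld "$1/." 2>/dev/null || true)" in
                ????????w*) echo "RISKY: directory is world-writable" ;;
                *) echo "LOW: absolute path, not world-writable" ;;
            esac ;;
        *)  echo "RISKY: relative path, resolves against the current directory" ;;
    esac
}

# Read `readelf -d` text on stdin; print "<TAG> [<component>] <verdict>".
triage_runpath() {
    awk '
        match($0, /\((RPATH|RUNPATH)\)/) {
            tag = substr($0, RSTART + 1, RLENGTH - 2)
            list = substr($0, index($0, "[") + 1)
            sub(/\][ \t\r]*$/, "", list)
            n = split(list, parts, ":")       # keeps empty components
            for (i = 1; i <= n; i++) print tag " " parts[i]
        }' |
    while read -r tag entry; do
        printf '%s [%s] %s\n' "$tag" "$entry" "$(classify_entry "$entry")"
    done
}

# First line is the entry quoted in the report; the second is constructed.
SAMPLE=' 0x000000000000001d (RUNPATH)            Library runpath: [/lib64]
 0x000000000000001d (RUNPATH)            Library runpath: [$ORIGIN/../lib::build/lib]'

printf '%s\n' "$SAMPLE" | triage_runpath
```

The world-writable test covers only the "other" write bit; ownership and group write access on the listed directory and its parents still need a manual look.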