| Summary: | >=net-misc/zerotier-1.2.8 QA: files contain writable and executable sections: usr/sbin/zerotier-one | ||
|---|---|---|---|
| Product: | Gentoo Linux | Reporter: | Rage <oxr463> <ramage.lucas> |
| Component: | Current packages | Assignee: | No maintainer - Look at https://wiki.gentoo.org/wiki/Project:Proxy_Maintainers if you want to take care of it <maintainer-needed> |
| Status: | RESOLVED OBSOLETE | ||
| Severity: | normal | CC: | asturm, jstein, proxy-maint, ramage.lucas |
| Priority: | Normal | ||
| Version: | unspecified | ||
| Hardware: | AMD64 | ||
| OS: | Linux | ||
| See Also: | https://github.com/zerotier/ZeroTierOne/issues/762 | ||
| Whiteboard: | |||
| Package list: | Runtime testing required: | --- | |
| Bug Depends on: | 658042 | ||
| Bug Blocks: | |||
|
Description
Rage <oxr463>
2018-05-07 16:06:13 UTC
overlay-devel ~ # file $(which zerotier-one) /usr/sbin/zerotier-one: ELF 64-bit LSB shared object, x86-64, version 1 (GNU/Linux), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 2.6.32, stripped Please prepare a PR with your fix and contact the Proxy team on IRC, if you got stuck. https://wiki.gentoo.org/wiki/Project:Proxy_Maintainers gentoo-devel ~ # scanelf -lpqe
RWX --- --- /usr/sbin/zerotier-one
gentoo-devel ~ # readelf -S /usr/sbin/zerotier-one
There are 28 section headers, starting at offset 0x138dc0:
Section Headers:
[Nr] Name Type Address Offset
Size EntSize Flags Link Info Align
[ 0] NULL 0000000000000000 00000000
0000000000000000 0000000000000000 0 0 0
[ 1] .interp PROGBITS 0000000000000238 00000238
000000000000001c 0000000000000000 A 0 0 1
[ 2] .note.ABI-tag NOTE 0000000000000254 00000254
0000000000000020 0000000000000000 A 0 0 4
[ 3] .gnu.hash GNU_HASH 0000000000000278 00000278
00000000000000b8 0000000000000000 A 4 0 8
[ 4] .dynsym DYNSYM 0000000000000330 00000330
0000000000001530 0000000000000018 A 5 1 8
[ 5] .dynstr STRTAB 0000000000001860 00001860
0000000000001665 0000000000000000 A 0 0 1
[ 6] .gnu.version VERSYM 0000000000002ec6 00002ec6
00000000000001c4 0000000000000002 A 4 0 2
[ 7] .gnu.version_r VERNEED 0000000000003090 00003090
0000000000000180 0000000000000000 A 5 4 8
[ 8] .rela.dyn RELA 0000000000003210 00003210
0000000000001ff8 0000000000000018 A 4 0 8
[ 9] .rela.plt RELA 0000000000005208 00005208
0000000000001158 0000000000000018 AI 4 24 8
[10] .init PROGBITS 0000000000006360 00006360
0000000000000017 0000000000000000 AX 0 0 4
[11] .plt PROGBITS 0000000000006380 00006380
0000000000000ba0 0000000000000010 AX 0 0 16
[12] .plt.got PROGBITS 0000000000006f20 00006f20
0000000000000018 0000000000000008 AX 0 0 8
[13] .text PROGBITS 0000000000006f40 00006f40
00000000000ec512 0000000000000000 AX 0 0 32
[14] .fini PROGBITS 00000000000f3454 000f3454
0000000000000009 0000000000000000 AX 0 0 4
[15] .rodata PROGBITS 00000000000f3460 000f3460
000000000002d820 0000000000000000 A 0 0 32
[16] .eh_frame_hdr PROGBITS 0000000000120c80 00120c80
0000000000001d0c 0000000000000000 A 0 0 4
[17] .eh_frame PROGBITS 0000000000122990 00122990
000000000000d0d8 0000000000000000 A 0 0 8
[18] .gcc_except_table PROGBITS 000000000012fa68 0012fa68
000000000000623c 0000000000000000 A 0 0 4
[19] .init_array INIT_ARRAY 00000000003369f0 001369f0
00000000000000e0 0000000000000008 WA 0 0 8
[20] .fini_array FINI_ARRAY 0000000000336ad0 00136ad0
0000000000000008 0000000000000008 WA 0 0 8
[21] .jcr PROGBITS 0000000000336ad8 00136ad8
0000000000000008 0000000000000000 WA 0 0 8
[22] .data.rel.ro PROGBITS 0000000000336ae0 00136ae0
0000000000000c78 0000000000000000 WA 0 0 32
[23] .dynamic DYNAMIC 0000000000337758 00137758
0000000000000250 0000000000000010 WA 5 0 8
[24] .got PROGBITS 00000000003379a8 001379a8
0000000000000648 0000000000000008 WA 0 0 8
[25] .data PROGBITS 0000000000338000 00138000
0000000000000cc8 0000000000000000 WA 0 0 32
[26] .bss NOBITS 0000000000338ce0 00138cc8
0000000000010250 0000000000000000 WA 0 0 32
[27] .shstrtab STRTAB 0000000000000000 00138cc8
00000000000000f6 0000000000000000 0 0 1
Key to Flags:
W (write), A (alloc), X (execute), M (merge), S (strings), I (info),
L (link order), O (extra OS processing required), G (group), T (TLS),
C (compressed), x (unknown), o (OS specific), E (exclude),
l (large), p (processor specific)
Also, -Wl,-z,noexecstack is already appended to the ld-flags.
Upstream is aware of this problem and has supposedly resolved it in v1.2.10 > This is fixed in 1.2.10, just tagged. We might not do binaries for this one though since there are two more bugs set to die shortly. https://github.com/zerotier/ZeroTierOne/issues/762 The latest version (1.2.10) contains the same issue.
I may need some help on this.
gentoo-devel ~ # zerotier-one -V
ZeroTier One version 1.2.10
Copyright (c) 2011-2018 ZeroTier, Inc.
This is free software: you may copy, modify, and/or distribute this
work under the terms of the GNU General Public License, version 3 or
later as published by the Free Software Foundation.
No warranty expressed or implied.
Usage: zerotier-one [-switches] [home directory]
Available switches:
-h - Display this help
-v - Show version
-U - Skip privilege check and do not attempt to drop privileges
-p<port> - Port for UDP and TCP/HTTP (default: 9993, 0 for random)
-d - Fork and run as daemon (Unix-ish OSes)
-i - Generate and manage identities (zerotier-idtool)
-q - Query API (zerotier-cli)
gentoo-devel ~ # scanelf -lpqe
RWX --- --- /usr/sbin/zerotier-one
gentoo-devel ~ # readelf -S /usr/sbin/zerotier-one
There are 28 section headers, starting at offset 0x138dc0:
Section Headers:
[Nr] Name Type Address Offset
Size EntSize Flags Link Info Align
[ 0] NULL 0000000000000000 00000000
0000000000000000 0000000000000000 0 0 0
[ 1] .interp PROGBITS 0000000000000238 00000238
000000000000001c 0000000000000000 A 0 0 1
[ 2] .note.ABI-tag NOTE 0000000000000254 00000254
0000000000000020 0000000000000000 A 0 0 4
[ 3] .gnu.hash GNU_HASH 0000000000000278 00000278
00000000000000b8 0000000000000000 A 4 0 8
[ 4] .dynsym DYNSYM 0000000000000330 00000330
0000000000001530 0000000000000018 A 5 1 8
[ 5] .dynstr STRTAB 0000000000001860 00001860
0000000000001665 0000000000000000 A 0 0 1
[ 6] .gnu.version VERSYM 0000000000002ec6 00002ec6
00000000000001c4 0000000000000002 A 4 0 2
[ 7] .gnu.version_r VERNEED 0000000000003090 00003090
0000000000000180 0000000000000000 A 5 4 8
[ 8] .rela.dyn RELA 0000000000003210 00003210
0000000000001ff8 0000000000000018 A 4 0 8
[ 9] .rela.plt RELA 0000000000005208 00005208
0000000000001158 0000000000000018 AI 4 24 8
[10] .init PROGBITS 0000000000006360 00006360
0000000000000017 0000000000000000 AX 0 0 4
[11] .plt PROGBITS 0000000000006380 00006380
0000000000000ba0 0000000000000010 AX 0 0 16
[12] .plt.got PROGBITS 0000000000006f20 00006f20
0000000000000018 0000000000000008 AX 0 0 8
[13] .text PROGBITS 0000000000006f40 00006f40
00000000000ec512 0000000000000000 AX 0 0 32
[14] .fini PROGBITS 00000000000f3454 000f3454
0000000000000009 0000000000000000 AX 0 0 4
[15] .rodata PROGBITS 00000000000f3460 000f3460
000000000002d820 0000000000000000 A 0 0 32
[16] .eh_frame_hdr PROGBITS 0000000000120c80 00120c80
0000000000001d0c 0000000000000000 A 0 0 4
[17] .eh_frame PROGBITS 0000000000122990 00122990
000000000000d0d8 0000000000000000 A 0 0 8
[18] .gcc_except_table PROGBITS 000000000012fa68 0012fa68
000000000000623c 0000000000000000 A 0 0 4
[19] .init_array INIT_ARRAY 00000000003369f0 001369f0
00000000000000e0 0000000000000008 WA 0 0 8
[20] .fini_array FINI_ARRAY 0000000000336ad0 00136ad0
0000000000000008 0000000000000008 WA 0 0 8
[21] .jcr PROGBITS 0000000000336ad8 00136ad8
0000000000000008 0000000000000000 WA 0 0 8
[22] .data.rel.ro PROGBITS 0000000000336ae0 00136ae0
0000000000000c78 0000000000000000 WA 0 0 32
[23] .dynamic DYNAMIC 0000000000337758 00137758
0000000000000250 0000000000000010 WA 5 0 8
[24] .got PROGBITS 00000000003379a8 001379a8
0000000000000648 0000000000000008 WA 0 0 8
[25] .data PROGBITS 0000000000338000 00138000
0000000000000cc8 0000000000000000 WA 0 0 32
[26] .bss NOBITS 0000000000338ce0 00138cc8
0000000000010250 0000000000000000 WA 0 0 32
[27] .shstrtab STRTAB 0000000000000000 00138cc8
00000000000000f6 0000000000000000 0 0 1
Key to Flags:
W (write), A (alloc), X (execute), M (merge), S (strings), I (info),
L (link order), O (extra OS processing required), G (group), T (TLS),
C (compressed), x (unknown), o (OS specific), E (exclude),
l (large), p (processor specific)
(In reply to Rage <OxR463> from comment #5) > The latest version (1.2.10) contains the same issue. > I may need some help on this. > > gentoo-devel ~ # zerotier-one -V > ZeroTier One version 1.2.10 > Copyright (c) 2011-2018 ZeroTier, Inc. > This is free software: you may copy, modify, and/or distribute this > work under the terms of the GNU General Public License, version 3 or > later as published by the Free Software Foundation. > No warranty expressed or implied. I am not familiar with ELF. Would you please follow up the upstream issue with what you have found? To: adam.ierymenko@zerotier.com Date: Thu, Jul 5, 2018 at 12:22 PM Subject: >=zerotier-1.2.8 QA: files contain writable and executable sections: usr/sbin/zerotier-one #762 Body: Greetings, I opened this issue, https://github.com/zerotier/ZeroTierOne/issues/762 on May 23rd, and it was closed as fixed in the 1.2.10 on the 29th, but I am still experiencing it in the latest release. I left Github but I am still trying to resolve this issue. The details and any logs can be found on here, https://bugs.gentoo.org/655180 Thanks again, I'm afraid that at this point in time, this is beyond my abilities to resolve. ramage.lucas@openmailbox.org should be changed in metadata.xml. gentoo-devel /usr/portage # zerotier-one -V
ZeroTier One version 1.2.12
Copyright (c) 2011-2018 ZeroTier, Inc.
This is free software: you may copy, modify, and/or distribute this
work under the terms of the GNU General Public License, version 3 or
later as published by the Free Software Foundation.
No warranty expressed or implied.
Usage: zerotier-one [-switches] [home directory]
Available switches:
-h - Display this help
-v - Show version
-U - Skip privilege check and do not attempt to drop privileges
-p<port> - Port for UDP and TCP/HTTP (default: 9993, 0 for random)
-d - Fork and run as daemon (Unix-ish OSes)
-i - Generate and manage identities (zerotier-idtool)
-q - Query API (zerotier-cli)
gentoo-devel /usr/portage # scanelf -lpqe
RWX --- --- /usr/sbin/zerotier-one
gentoo-devel /usr/portage # readelf -S /usr/sbin/zerotier-one
There are 27 section headers, starting at offset 0x12bdc0:
Section Headers:
[Nr] Name Type Address Offset
Size EntSize Flags Link Info Align
[ 0] NULL 0000000000000000 00000000
0000000000000000 0000000000000000 0 0 0
[ 1] .interp PROGBITS 0000000000000238 00000238
000000000000001c 0000000000000000 A 0 0 1
[ 2] .note.ABI-tag NOTE 0000000000000254 00000254
0000000000000020 0000000000000000 A 0 0 4
[ 3] .gnu.hash GNU_HASH 0000000000000278 00000278
00000000000000b8 0000000000000000 A 4 0 8
[ 4] .dynsym DYNSYM 0000000000000330 00000330
0000000000001530 0000000000000018 A 5 1 8
[ 5] .dynstr STRTAB 0000000000001860 00001860
000000000000167f 0000000000000000 A 0 0 1
[ 6] .gnu.version VERSYM 0000000000002ee0 00002ee0
00000000000001c4 0000000000000002 A 4 0 2
[ 7] .gnu.version_r VERNEED 00000000000030a8 000030a8
0000000000000180 0000000000000000 A 5 4 8
[ 8] .rela.dyn RELA 0000000000003228 00003228
0000000000001f68 0000000000000018 A 4 0 8
[ 9] .rela.plt RELA 0000000000005190 00005190
0000000000001170 0000000000000018 AI 4 23 8
[10] .init PROGBITS 0000000000006300 00006300
0000000000000017 0000000000000000 AX 0 0 4
[11] .plt PROGBITS 0000000000006320 00006320
0000000000000bb0 0000000000000010 AX 0 0 16
[12] .plt.got PROGBITS 0000000000006ed0 00006ed0
0000000000000018 0000000000000008 AX 0 0 8
[13] .text PROGBITS 0000000000006f00 00006f00
00000000000dff12 0000000000000000 AX 0 0 32
[14] .fini PROGBITS 00000000000e6e14 000e6e14
0000000000000009 0000000000000000 AX 0 0 4
[15] .rodata PROGBITS 00000000000e6e20 000e6e20
000000000002d880 0000000000000000 A 0 0 32
[16] .eh_frame_hdr PROGBITS 00000000001146a0 001146a0
0000000000001d6c 0000000000000000 A 0 0 4
[17] .eh_frame PROGBITS 0000000000116410 00116410
000000000000d368 0000000000000000 A 0 0 8
[18] .gcc_except_table PROGBITS 0000000000123778 00123778
00000000000060a0 0000000000000000 A 0 0 4
[19] .init_array INIT_ARRAY 0000000000329a38 00129a38
00000000000000e0 0000000000000008 WA 0 0 8
[20] .fini_array FINI_ARRAY 0000000000329b18 00129b18
0000000000000008 0000000000000008 WA 0 0 8
[21] .data.rel.ro PROGBITS 0000000000329b20 00129b20
0000000000000c48 0000000000000000 WA 0 0 32
[22] .dynamic DYNAMIC 000000000032a768 0012a768
0000000000000250 0000000000000010 WA 5 0 8
[23] .got PROGBITS 000000000032a9b8 0012a9b8
0000000000000648 0000000000000008 WA 0 0 8
[24] .data PROGBITS 000000000032b000 0012b000
0000000000000cc8 0000000000000000 WA 0 0 32
[25] .bss NOBITS 000000000032bce0 0012bcc8
0000000000010250 0000000000000000 WA 0 0 32
[26] .shstrtab STRTAB 0000000000000000 0012bcc8
00000000000000f1 0000000000000000 0 0 1
Key to Flags:
W (write), A (alloc), X (execute), M (merge), S (strings), I (info),
L (link order), O (extra OS processing required), G (group), T (TLS),
C (compressed), x (unknown), o (OS specific), E (exclude),
l (large), p (processor specific)
Is it fixed in recent version then? |
