Package: linux-image-2.6.24-e
Version: 2.6.24-6~etchnhalf.7
On both vmlinuz-2.6.18-5-686 and vmlinuz-2.6.24-etchnhalf.1-686 kernels, the debian system maps the heap, binary data, and other data sections as rwx, instead of the normal and sensible rw-.
Examples:
----
grep rwx /proc/1/maps
08050000-08051000 rwxp 00007000 08:01 48968 /sbin/init
08051000-08072000 rwxp 08051000 00:00 0 [heap]
b7d88000-b7d89000 rwxp b7d88000 00:00
0
b7d8b000-b7d8d000 rwxp 00001000 08:01 375948 /lib/tls/i686/cmov/libdl-2.3.6.so
b7eb9000-b7ebb000 rwxp 0012c000 08:01 375945 /lib/tls/i686/cmov/libc-2.3.6.so
b7ebb000-b7ebf000 rwxp b7ebb000 00:00 0
b7ed2000-b7ed4000 rwxp 00012000 08:01
359138 /lib/libselinux.so.1
b7f0a000-b7f0b000 rwxp 00035000 08:01 359139 /lib/libsepol.so.1
b7f0b000-b7f15000 rwxp b7f0b000 00:00 0
b7f19000-b7f1b000 rwxp b7f19000 00:00 0
b7f30000-b7f32000 rwxp 00014000 08:01 360971 /lib/ld-2.3.6.so
------
pidof sshd
2807 2804 2692
debian-vmware:/home/x# grep -c rwx /proc/2807/maps
44
It seems incorrect and also very bad from a security standpoint to have this behavior. I am aware that the kernel does not ask for these mappings to be created, but it also should enforce some sort of W^X behavior. The loader or whichever userland application that asks for the mappings should also be alterted to follow the normal memory permission standards.