[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#926060: marked as done (lintian: portable-executable-missing-security-features false positives)

Your message dated Mon, 16 Dec 2019 14:59:27 -0800
with message-id <CAFHYt55_6FaH2uiY0HB+n-m_dJAfFJuPR7VZ6A1XcYkDeQ089Q@mail.gmail.com>
and subject line Re: Bug#926060: lintian: portable-executable-missing-security-features false positives
has caused the Debian Bug report #926060,
regarding lintian: portable-executable-missing-security-features false positives
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
926060: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926060
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message --- 
Package: lintian
Version: 2.11.0
Severity: normal

I'm reasonably confident that clamav testfiles don't need hardening features,
so [1] seems pretty pointless.

Scott K

[1] https://lintian.debian.org/maintainer/pkg-clamav-devel@lists.alioth.debian.org.html#clamav

clamav-testfiles

    E portable-executable-missing-security-features
        usr/share/clamav-testfiles/clam-aspack.exe ASLR DEP/NX SafeSEH
        usr/share/clamav-testfiles/clam-fsg.exe ASLR DEP/NX SafeSEH
        usr/share/clamav-testfiles/clam-nsis.exe ASLR DEP/NX
        usr/share/clamav-testfiles/clam-pespin.exe ASLR DEP/NX SafeSEH
        usr/share/clamav-testfiles/clam-petite.exe ASLR DEP/NX SafeSEH
        usr/share/clamav-testfiles/clam-upx.exe ASLR DEP/NX SafeSEH
        usr/share/clamav-testfiles/clam-wwpack.exe ASLR DEP/NX SafeSEH
        usr/share/clamav-testfiles/clam-yc.exe ASLR DEP/NX SafeSEH
        usr/share/clamav-testfiles/clam.ea05.exe ASLR DEP/NX
        usr/share/clamav-testfiles/clam.ea06.exe ASLR DEP/NX
        usr/share/clamav-testfiles/clam.exe ASLR DEP/NX
        usr/share/clamav-testfiles/clam_IScab_ext.exe ASLR DEP/NX
        usr/share/clamav-testfiles/clam_IScab_int.exe ASLR DEP/NX
        usr/share/clamav-testfiles/clam_ISmsi_ext.exe ASLR DEP/NX
        usr/share/clamav-testfiles/clam_ISmsi_int.exe ASLR DEP/NX

--- End Message ---
--- Begin Message --- 
Hi Scott,

On Mon, Apr 1, 2019 at 6:00 AM Scott Kitterman <debian@kitterman.com> wrote:
>
> I'm reasonably confident that clamav testfiles don't need
> hardening features, so [1] seems pretty pointless.

I saw the overrides in clamav-testfiles. That was probably the right
thing to do.

As an alternative, you could modify the flags (or ask upstream to do
so) with a tool called 'genpeimg'. We had a similar issue with
systemd's gummiboot executables. You can find more details here:

    https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926823

Personally, I do not understand how the PE32+ security features work
(even though I wrote the check). They are stored as part of the
executable and seem to express a designation by the author more than
an out-of-channel, system-wide privilege.

> These are all EICAR test files [1].  Generically these are all test files (I haven't checked, other packages may ship these to).  It would be at least slightly generic and not unreasonable to exclude any files with the EICAR test string from the test.

Like Chris, I examined the test files, and like Chris I was unable to
find the EICAR string or any other distinguishing feature that would
allow us to disregard the clamav test files in the Lintian check. Your
overrides are an appropriate remedy.

Closing this bug. Please re-open if you disagree.

Kind regards
Felix Lechner

--- End Message ---
Reply to: