oswatcher icon indicating copy to clipboard operation
oswatcher copied to clipboard

Published 20 hours ago verified publisher icon Wenzel

Security: Checksec JSON output keys are not reliable

Open Wenzel opened this issue 5 years ago • 0 comments

Checksec's JSON should contain a key which is the filepath:

~/Projets/oswatcher/tools/checksec/checksec --output=json --file=/usr/bin/xz | jq .

{
  "/usr/bin/xz": {
    "relro": "full",
    "canary": "yes",
    "nx": "yes",
    "pie": "yes",
    "rpath": "no",
    "runpath": "no",
    "symbols": "no",
    "fortify_source": "yes",
    "fortified": "5",
    "fortify-able": "8"
  }
}

However, some files are indexed by a file key, and not by their filepath:

~/Projets/oswatcher/tools/checksec/checksec --output=json --file=klibc-usBAintlt99f0TITo98H_trqH2c.so | jq .

{
  "file": {
    "relro": "no",
    "canary": "no",
    "nx": "no",
    "pie": "no",
    "rpath": "no",
    "runpath": "no",
    "symbols": "no",
    "fortify_source": "no",
    "fortified": "0",
    "fortify-able": "0"
  }
}

Wenzel avatar Apr 17 '20 13:04 Wenzel