Uploaded image for project: 'Commons Daemon'
  1. Commons Daemon
  2. DAEMON-346

Compile PROCRUN with Data Execution Prevention (DEP) flag

Attach filesAttach ScreenshotVotersWatch issueWatchersCreate sub-taskLinkCloneUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

Details

    • Wish
    • Status: Resolved
    • Critical
    • Resolution: Fixed
    • 1.0.15
    • 1.1.0
    • Procrun

    Description

      What was the activity?

      We are using PROCRUN to run Java app as service. This is distributed across a network (more than 15,000). Our security team highlighted

      Executables not compiled following best practices.
      The application(s) and/or dll(s) are not compiled with
      modern day OS controls such as: ASLR, NX, or DEP.
      Although vulnerability was not discovered, if in the
      future there is one, remote code execution may be
      possible due to lack of operating system controls enabled
      on these executables.

      Is PROCRUN not compiled using DEP?

      PS: This is a not configuration/support request.

      Attachments

        Activity
          This comment will be Viewable by All Users Viewable by All Users
          Cancel

          People

            Unassigned Unassigned
            hsehdar Hsehdar
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Slack

                Issue deployment