[GTALUG] 'file' maintainer? (or fun with PIE and magic)

[Stewart C. Russell]

Anyone know how to get in touch with the maintainers of 'file'? Seems
the links in the man pages and Ian Darwin's site -
http://www.darwinsys.com/file/ - don't work. The file magic database
needs an update to correctly recognize PIE (Position Independent
Executable) x86 ELF binaries as application/x-executable.

This might seem an incredibly trivial thing, but it effectively stops
graphical file managers from executing binaries, as they use magic (5)
to identify files. Debian switched to making PIE a default for gcc for
security reasons, but probably didn't expect it to break graphical UIs.

Here's what I'm seeing:

Expected behaviour:

    $ echo "int main() { return 0; }" > foo.c
    $ gcc -o foo foo.c
    $ file foo
    foo: ELF 64-bit LSB executable, x86-64, version 1 (SYSV),
dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for
GNU/Linux 3.2.0, BuildID[sha1]=6e7749f995a89a53f74ec29d3c16fcf3f56be90f,
not stripped
    $ file --mime-type foo
    foo: application/x-executable

Actual behaviour:

    $ echo "int main() { return 0; }" > foo.c
    $ gcc -o foo foo.c
    $ file foo
    foo: ELF 64-bit LSB shared object, x86-64, version 1 (SYSV),
dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for
GNU/Linux 3.2.0, BuildID[sha1]=6e7749f995a89a53f74ec29d3c16fcf3f56be90f,
not stripped
    $ file --mime-type foo
    foo: application/x-sharedlib

Workaround:

    $ echo "int main() { return 0; }" > foo.c
    $ gcc -o foo-nopie foo.c -no-pie
    $ file foo-nopie
    foo-nopie: ELF 64-bit LSB executable, x86-64, version 1 (SYSV),
dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for
GNU/Linux 3.2.0, BuildID[sha1]=3eb8c581f43c19997e3c828f5a9730dbdc794470,
not stripped
    $ file --mime-type foo-nopie
    foo-nopie: application/x-executable

I'm a bit worried that the workaround allows less safe binaries to be
double-clicked and run. I'm not sure how much of a security issue PIE vs
non-PIE is, though.

cheers,
 Stewart