Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

/snap/cups/1052/scripts/port-occupied flagged as malware #21

Open
jr-cobweb opened this issue Jun 27, 2024 · 1 comment
Open

/snap/cups/1052/scripts/port-occupied flagged as malware #21

jr-cobweb opened this issue Jun 27, 2024 · 1 comment

Comments

@jr-cobweb
Copy link

Hi, /snap/cups/1052/scripts/port-occupied has been flagged as malware by our security software. I've opened the file and can see snippets like this, which look suspect:

8-8=8=H-H=H=8880hhhDDStd8880Ptd!!!44QtdRtd8-8=8=/lib64/ld-linux-x86-64.so.2 GNUGNUa|

Is this to be expected?

Version: 2.4.10-1
@tillkamppeter
Copy link
Member

I do not see anything suspect in the snippet you are showing. Every executable built from a C source file containst the string /lib64/ld-linux-x86-64.so.2.

The source code is in the cups-snap repo: scripts/port-occupied.c and gets compiled by the build-override scriptlet of the "scripts" part in snapcraft.yaml:

  scripts:
    plugin: dump
    source: scripts/
    override-build: |
      set -eux
      gcc -o port-occupied port-occupied.c
      craftctl default

I do not see anything wrong here.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@tillkamppeter @jr-cobweb