| 1 |
Hi! |
| 2 |
|
| 3 |
On Sat, Nov 08, 2008 at 11:55:05PM +0200, pageexec@××××××××.hu wrote: |
| 4 |
> hmm that's a bit too old kernel for us, can you try your .config with a more |
| 5 |
> recent one, preferably .27.5 that spender just put up on his test page? what |
| 6 |
|
| 7 |
I've tried sys-kernel/vanilla-sources-2.6.27.5 with (separately) both |
| 8 |
pax-linux-2.6.27.5-test13.patch and |
| 9 |
grsecurity-2.1.12-2.6.27.5-200811071900.patch |
| 10 |
|
| 11 |
I boot kernel with init=/bin/bash and run that script: |
| 12 |
|
| 13 |
#!/bin/sh |
| 14 |
mount -n -t ramfs none /dev |
| 15 |
mknod -m 660 /dev/console c 5 1 |
| 16 |
mknod -m 660 /dev/null c 1 3 |
| 17 |
perl -e 'exec @ARGV' /bin/pwd |
| 18 |
|
| 19 |
with PaX patch I don't see anything in dmesg, with grsec patch I see this |
| 20 |
approx on each second execution of above script: |
| 21 |
|
| 22 |
grsec: denied resource overstep by requesting 191062016 for RLIMIT_STACK against limit 8388608 for /bin/pwd[pwd:596] uid/euid:0/0 gid/egid:0/0, parent /tmp/pwd[pwd:592] uid/euid:0/0 gid/egid:0/0 |
| 23 |
grsec: denied resource overstep by requesting 246771712 for RLIMIT_STACK against limit 8388608 for /bin/pwd[pwd:611] uid/euid:0/0 gid/egid:0/0, parent /tmp/pwd[pwd:607] uid/euid:0/0 gid/egid:0/0 |
| 24 |
grsec: denied resource overstep by requesting 123482112 for RLIMIT_STACK against limit 8388608 for /bin/pwd[pwd:616] uid/euid:0/0 gid/egid:0/0, parent /tmp/pwd[pwd:612] uid/euid:0/0 gid/egid:0/0 |
| 25 |
|
| 26 |
-- |
| 27 |
WBR, Alex. |
Archives