1 |
Hi! |
2 |
|
3 |
On Sat, Nov 08, 2008 at 11:55:05PM +0200, pageexec@××××××××.hu wrote: |
4 |
> hmm that's a bit too old kernel for us, can you try your .config with a more |
5 |
> recent one, preferably .27.5 that spender just put up on his test page? what |
6 |
|
7 |
I've tried sys-kernel/vanilla-sources-2.6.27.5 with (separately) both |
8 |
pax-linux-2.6.27.5-test13.patch and |
9 |
grsecurity-2.1.12-2.6.27.5-200811071900.patch |
10 |
|
11 |
I boot kernel with init=/bin/bash and run that script: |
12 |
|
13 |
#!/bin/sh |
14 |
mount -n -t ramfs none /dev |
15 |
mknod -m 660 /dev/console c 5 1 |
16 |
mknod -m 660 /dev/null c 1 3 |
17 |
perl -e 'exec @ARGV' /bin/pwd |
18 |
|
19 |
with PaX patch I don't see anything in dmesg, with grsec patch I see this |
20 |
approx on each second execution of above script: |
21 |
|
22 |
grsec: denied resource overstep by requesting 191062016 for RLIMIT_STACK against limit 8388608 for /bin/pwd[pwd:596] uid/euid:0/0 gid/egid:0/0, parent /tmp/pwd[pwd:592] uid/euid:0/0 gid/egid:0/0 |
23 |
grsec: denied resource overstep by requesting 246771712 for RLIMIT_STACK against limit 8388608 for /bin/pwd[pwd:611] uid/euid:0/0 gid/egid:0/0, parent /tmp/pwd[pwd:607] uid/euid:0/0 gid/egid:0/0 |
24 |
grsec: denied resource overstep by requesting 123482112 for RLIMIT_STACK against limit 8388608 for /bin/pwd[pwd:616] uid/euid:0/0 gid/egid:0/0, parent /tmp/pwd[pwd:612] uid/euid:0/0 gid/egid:0/0 |
25 |
|
26 |
-- |
27 |
WBR, Alex. |