1 |
Hi! |
2 |
|
3 |
On Sat, Nov 08, 2008 at 11:13:47PM +0200, pageexec@××××××××.hu wrote: |
4 |
> is overstepped, the given process should get a segfault on all execution |
5 |
> paths that i checked yet it clearly hasn't happened according to the strace. |
6 |
yeah |
7 |
> so that leaves one option open, some bug/misreporting by grsec (or maybe PaX?) |
8 |
> but then looking at the code, i don't see how that would happen either... can |
9 |
> you tell me which kernel this happened on (or more precisely, which grsec |
10 |
> version it was) and whether you can still reproduce it with the latest grsec |
11 |
> (or PaX) test patch? |
12 |
|
13 |
The problem is still here, I'm on latests hardened kernel: 2.6.25-hardened-r8. |
14 |
Not sure about version of grsec/pax patches, probably it's easier for you |
15 |
to check this, you should know where to look. :) |
16 |
|
17 |
Here is last 10 records from my kernel log, maybe there will be some |
18 |
additional information for you which give new ideas. I'm ready to help in |
19 |
any way debugging this issue, but have no idea what to do - feel free to |
20 |
direct me. I can try test patches for kernel which you provide, or |
21 |
something else. |
22 |
|
23 |
|
24 |
2008-11-08_20:30:03.46138 kern.alert: grsec: denied resource overstep by requesting 201359360 for RLIMIT_STACK against limit 8388608 for /var/qmail/bin/qmail-local[qmail-local:4198] uid/euid:1000/1000 gid/egid:100/100, parent /var/qmail/bin/qmail-local[qmail-local:4195] uid/euid:1000/1000 gid/egid:100/100 |
25 |
2008-11-08_20:30:03.52322 kern.alert: grsec: denied resource overstep by requesting 237776896 for RLIMIT_AS against limit 16000000 for /var/qmail/bin/qmail-smtpd[qmail-smtpd:4181] uid/euid:201/201 gid/egid:200/200, parent /usr/bin/tcpserver[tcpserver:1393] uid/euid:201/201 gid/egid:200/200 |
26 |
2008-11-08_20:36:58.13311 kern.alert: grsec: From 74.6.18.224: denied resource overstep by requesting 71270400 for RLIMIT_STACK against limit 8388608 for /bin/cat[cat:5103] uid/euid:81/81 gid/egid:81/81, parent /usr/sbin/apache2[apache2:31931] uid/euid:81/81 gid/egid:81/81 |
27 |
2008-11-08_21:20:39.81525 kern.alert: grsec: From 89.152.88.136: denied resource overstep by requesting 116932608 for RLIMIT_STACK against limit 8388608 for /bin/cat[cat:10926] uid/euid:81/81 gid/egid:81/81, parent /usr/sbin/apache2[apache2:31245] uid/euid:81/81 gid/egid:81/81 |
28 |
2008-11-08_21:21:58.66969 kern.alert: grsec: From 89.152.88.136: denied resource overstep by requesting 190038016 for RLIMIT_STACK against limit 8388608 for /bin/cat[cat:11107] uid/euid:81/81 gid/egid:81/81, parent /usr/sbin/apache2[apache2:7343] uid/euid:81/81 gid/egid:81/81 |
29 |
2008-11-08_21:40:03.24127 kern.alert: grsec: From 190.18.168.208: denied resource overstep by requesting 108195840 for RLIMIT_AS against limit 16000000 for /var/qmail/bin/qmail-smtpd[qmail-smtpd:13392] uid/euid:201/201 gid/egid:200/200, parent /usr/bin/tcpserver[tcpserver:1393] uid/euid:201/201 gid/egid:200/200 |
30 |
2008-11-08_21:44:35.41418 kern.alert: grsec: From 190.18.168.208: denied resource overstep by requesting 193503232 for RLIMIT_AS against limit 16000000 for /var/qmail/bin/qmail-smtpd[qmail-smtpd:13977] uid/euid:201/201 gid/egid:200/200, parent /usr/bin/tcpserver[tcpserver:1393] uid/euid:201/201 gid/egid:200/200 |
31 |
2008-11-08_22:00:03.85310 kern.alert: grsec: denied resource overstep by requesting 167862272 for RLIMIT_STACK against limit 8388608 for /var/qmail/bin/qmail-local[qmail-local:16688] uid/euid:1000/1000 gid/egid:100/100, parent /var/qmail/bin/qmail-local[qmail-local:16685] uid/euid:1000/1000 gid/egid:100/100 |
32 |
2008-11-08_22:13:56.27917 kern.alert: grsec: From 67.207.142.3: denied resource overstep by requesting 96808960 for RLIMIT_AS against limit 16000000 for /var/qmail/bin/qmail-smtpd[qmail-smtpd:18392] uid/euid:201/201 gid/egid:200/200, parent /usr/bin/tcpserver[tcpserver:1393] uid/euid:201/201 gid/egid:200/200 |
33 |
2008-11-08_22:20:18.01759 kern.alert: grsec: denied resource overstep by requesting 138416128 for RLIMIT_STACK against limit 8388608 for /var/qmail/bin/forward[forward:19399] uid/euid:1000/1000 gid/egid:100/100, parent /var/qmail/bin/qmail-local[qmail-local:19396] uid/euid:1000/1000 gid/egid:100/100 |
34 |
|
35 |
-- |
36 |
WBR, Alex. |