On 13 Feb 2008 at 15:07, Geoff Kassel wrote:

> Speaking of PaX, another great, impossible thing would be to have a
> kernel-level feature for handling PaX violations in a less violent manner
> (core dumps are violent, in my mind)

coredumps are subject to the usual rlimit, so it's under userland control.

> - perhaps suspension of the process in question until investigated,

problem with this is DoS (exhaustion of RLIMIT_NPROC, not to mention all the
memory and other resources used by the process). probably not a problem for
a malicious local user as he'll just lock himself out but for a system service
(think apache or mysql) it is.

> with the possibility of resumption

this is not possible as the page fault that triggered PaX would just
occur again, ad infinitum. i.e., the userland process cannot make forward
progress (the non-executable or unmapped page where the fault occurred will
stay so), the kernel must do something about it.

> (Perhaps I'm just unaware of an already existing feature.) Again, an
> upstream issue.

here's upstream ;-).

--
gentoo-hardened@l.g.o mailing list
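The resumption problem in the reply above, as an added example that is not code from the thread or from PaX: a SIGSEGV handler that simply returns, which is what a "suspend, then resume" policy amounts to, lets the same faulting load re-execute against the still-inaccessible page, so the identical fault comes straight back and the process makes no forward progress until something other than the process itself changes the mapping or abandons the instruction. It uses an ordinary PROT_NONE page rather than a real PaX violation, and `count_repeated_faults` is a hypothetical helper name that gives up after a caller-chosen number of repeats.

```c
#define _GNU_SOURCE
#include <setjmp.h>
#include <signal.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

static volatile sig_atomic_t fault_count;
static volatile sig_atomic_t fault_limit;
static sigjmp_buf escape;

/* Returning from the handler without touching the mapping re-executes the
 * faulting instruction, so the very same fault is raised again at once. */
static void on_segv(int sig, siginfo_t *si, void *ctx)
{
    (void)sig; (void)si; (void)ctx;
    if (++fault_count >= fault_limit)
        siglongjmp(escape, 1); /* abandon the instruction: the only way out */
}

/* Map one inaccessible page (constructed stand-in for the page a PaX fault
 * would leave non-executable or unmapped), read from it, and count how many
 * times that single read faults before we give up. Returns the fault count,
 * or -1 if the page could not be mapped. */
int count_repeated_faults(int limit)
{
    struct sigaction sa, old;
    long pagesz = sysconf(_SC_PAGESIZE);
    volatile char *page = mmap(NULL, (size_t)pagesz, PROT_NONE,
                               MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (page == MAP_FAILED)
        return -1;

    memset(&sa, 0, sizeof sa);
    sa.sa_sigaction = on_segv;
    sa.sa_flags = SA_SIGINFO;
    sigemptyset(&sa.sa_mask);
    fault_count = 0;
    fault_limit = limit;
    sigaction(SIGSEGV, &sa, &old);

    if (sigsetjmp(escape, 1) == 0) {
        char c = *page; /* faults; handler returns; same load faults again */
        (void)c;
    }

    sigaction(SIGSEGV, &old, NULL); /* restore the previous disposition */
    munmap((void *)page, (size_t)pagesz);
    return fault_count;
}
```

Without the limit the handler would keep returning to the same load forever, which is exactly why the kernel, not the process, has to resolve a PaX fault.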