| 1 |
> It's only with this DLL |
| 2 |
> |
| 3 |
> My log report this : |
| 4 |
> May 31 21:52:19 efflam PAX: execution attempt in: /dev/zero, 00401000-004a6000 00000000 |
| 5 |
> May 31 21:52:19 efflam PAX: terminating task: /usr/bin/mplayer(mplayer):32327, uid/euid: 1000/1000, PC: 004097d4, SP: 5fd08aac |
| 6 |
> May 31 21:52:19 efflam PAX: bytes at PC: 55 8b ec 53 8b 5d 08 56 8b 75 0c 85 f6 57 8b 7d 10 75 09 83 |
| 7 |
> May 31 21:52:19 efflam PAX: bytes at SP: 0818afe5 00400000 00000001 00000000 2599e211 99692c8b 26206d68 5fd08ae8 2615baa2 26207760 0000000c 00000000 086e75a8 00000000 00000000 5fd08b28 0817a4a0 086e75a8 00000001 00000000 |
| 8 |
> |
| 9 |
> I have this configuration : |
| 10 |
> media-video/mplayer-1.0_pre4-r4 |
| 11 |
> sys-kernel/hardened-dev-sources-2.6.4-r3 |
| 12 |
> |
| 13 |
> Linux efflam 2.6.4-hardened-r3 #5 Fri Apr 2 15:32:48 CEST 2004 i686 Pentium III (Coppermine) GenuineIntel GNU/Linux |
| 14 |
> |
| 15 |
> Did anybody know why this think appear and why ? and how to resolve it ? |
| 16 |
|
| 17 |
this is a bug/feature of the mplayer PE loader, instead of using file mappings |
| 18 |
they read them into (essentially) anonymous memory and that won't work under |
| 19 |
PaX. if they get at least the access rights properly, then you could just |
| 20 |
disable MPROTECT on mplayer and it should work, if they don't then you'll have |
| 21 |
to disable PAGEEXEC/SEGMEXEC as well. |
| 22 |
|
| 23 |
|
| 24 |
-- |
| 25 |
gentoo-hardened@g.o mailing list |
Archives