1 |
2009/4/3 Alex Efros <powerman@××××××××××××××××××.com> |
2 |
|
3 |
> Hi! |
4 |
> |
5 |
> On Thu, Apr 02, 2009 at 11:17:10PM +0200, pageexec@××××××××.hu wrote: |
6 |
> > can you strace bash/etc to see what happens? probably we'll see what runs |
7 |
> |
8 |
> how do I can strace process N1? |
9 |
> PaX doesn't kill bash if it executed not as process N1. |
10 |
> |
11 |
> > against the MPROTECT restricions. my guess is either textrels or |
12 |
> gnu_stack |
13 |
> > (compare scanelf -lpqRte on your systems). |
14 |
> |
15 |
> it's same on all servers: |
16 |
> |
17 |
> # scanelf -lpqRte |
18 |
> TEXTREL /usr/lib/perl5/site_perl/5.8.8/i686-linux/auto/Math/Pari/Pari.so |
19 |
> RWX --- --- /usr/lib/paxtest/writetext |
20 |
> RWX --- --- /usr/lib/paxtest/shlibbss |
21 |
> RWX --- --- /usr/lib/paxtest/mprotanon |
22 |
> RWX --- --- /usr/lib/paxtest/mprotdata |
23 |
> RWX --- --- /usr/lib/paxtest/mprotheap |
24 |
> RWX --- --- /usr/lib/paxtest/rettofunc1 |
25 |
> RWX --- --- /usr/lib/paxtest/rettofunc2 |
26 |
> RWX --- --- /usr/lib/paxtest/execbss |
27 |
> RWX --- --- /usr/lib/paxtest/execstack |
28 |
> RWX --- --- /usr/lib/paxtest/mprotshbss |
29 |
> RWX --- --- /usr/lib/paxtest/mprotstack |
30 |
> RWX --- --- /usr/lib/paxtest/mprotbss |
31 |
> RWX --- --- /usr/lib/paxtest/anonmap |
32 |
> RWX --- --- /usr/lib/paxtest/mprotshdata |
33 |
> RWX --- --- /usr/lib/paxtest/execdata |
34 |
> RWX --- --- /usr/lib/paxtest/execheap |
35 |
> RWX --- --- /usr/lib/paxtest/rettofunc1x |
36 |
> RWX --- --- /usr/lib/paxtest/rettofunc2x |
37 |
> RWX --- --- /usr/lib/paxtest/shlibdata |
38 |
> RWX --- --- /usr/inferno/Linux/386/bin/emu |
39 |
> RWX --- --- /usr/inferno/Linux/386/bin/emu-g |
40 |
> |
41 |
> > btw, why are you using SEGMEXEC on your core2? |
42 |
> |
43 |
> Hmm. You think I should use PAGEEXEC instead? According to help in linux |
44 |
> kernel SEGMEXEC looks more suitable for Core2Duo and Xeon E5310... |
45 |
> |
46 |
> In help for PAGEEXEC it doesn't recommended for P4 and there is nothing |
47 |
> about newest processors, so I suppose PAGEEXEC may not be a good choice. |
48 |
> |
49 |
> After your question I've re-read help, and notice "i386 with hardware |
50 |
> non-executable bit support" item at end of list with less usual archs like |
51 |
> avr32, sparc, etc. If that was said about Core/Xeon too, then there |
52 |
> probably little usability issue with that help. ;-) |
53 |
> |
54 |
Just check if the cpu has the NX flag, if it does, you should use pageexec. |