| 1 |
2009/4/3 Alex Efros <powerman@××××××××××××××××××.com> |
| 2 |
|
| 3 |
> Hi! |
| 4 |
> |
| 5 |
> On Thu, Apr 02, 2009 at 11:17:10PM +0200, pageexec@××××××××.hu wrote: |
| 6 |
> > can you strace bash/etc to see what happens? probably we'll see what runs |
| 7 |
> |
| 8 |
> how do I can strace process N1? |
| 9 |
> PaX doesn't kill bash if it executed not as process N1. |
| 10 |
> |
| 11 |
> > against the MPROTECT restricions. my guess is either textrels or |
| 12 |
> gnu_stack |
| 13 |
> > (compare scanelf -lpqRte on your systems). |
| 14 |
> |
| 15 |
> it's same on all servers: |
| 16 |
> |
| 17 |
> # scanelf -lpqRte |
| 18 |
> TEXTREL /usr/lib/perl5/site_perl/5.8.8/i686-linux/auto/Math/Pari/Pari.so |
| 19 |
> RWX --- --- /usr/lib/paxtest/writetext |
| 20 |
> RWX --- --- /usr/lib/paxtest/shlibbss |
| 21 |
> RWX --- --- /usr/lib/paxtest/mprotanon |
| 22 |
> RWX --- --- /usr/lib/paxtest/mprotdata |
| 23 |
> RWX --- --- /usr/lib/paxtest/mprotheap |
| 24 |
> RWX --- --- /usr/lib/paxtest/rettofunc1 |
| 25 |
> RWX --- --- /usr/lib/paxtest/rettofunc2 |
| 26 |
> RWX --- --- /usr/lib/paxtest/execbss |
| 27 |
> RWX --- --- /usr/lib/paxtest/execstack |
| 28 |
> RWX --- --- /usr/lib/paxtest/mprotshbss |
| 29 |
> RWX --- --- /usr/lib/paxtest/mprotstack |
| 30 |
> RWX --- --- /usr/lib/paxtest/mprotbss |
| 31 |
> RWX --- --- /usr/lib/paxtest/anonmap |
| 32 |
> RWX --- --- /usr/lib/paxtest/mprotshdata |
| 33 |
> RWX --- --- /usr/lib/paxtest/execdata |
| 34 |
> RWX --- --- /usr/lib/paxtest/execheap |
| 35 |
> RWX --- --- /usr/lib/paxtest/rettofunc1x |
| 36 |
> RWX --- --- /usr/lib/paxtest/rettofunc2x |
| 37 |
> RWX --- --- /usr/lib/paxtest/shlibdata |
| 38 |
> RWX --- --- /usr/inferno/Linux/386/bin/emu |
| 39 |
> RWX --- --- /usr/inferno/Linux/386/bin/emu-g |
| 40 |
> |
| 41 |
> > btw, why are you using SEGMEXEC on your core2? |
| 42 |
> |
| 43 |
> Hmm. You think I should use PAGEEXEC instead? According to help in linux |
| 44 |
> kernel SEGMEXEC looks more suitable for Core2Duo and Xeon E5310... |
| 45 |
> |
| 46 |
> In help for PAGEEXEC it doesn't recommended for P4 and there is nothing |
| 47 |
> about newest processors, so I suppose PAGEEXEC may not be a good choice. |
| 48 |
> |
| 49 |
> After your question I've re-read help, and notice "i386 with hardware |
| 50 |
> non-executable bit support" item at end of list with less usual archs like |
| 51 |
> avr32, sparc, etc. If that was said about Core/Xeon too, then there |
| 52 |
> probably little usability issue with that help. ;-) |
| 53 |
> |
| 54 |
Just check if the cpu has the NX flag, if it does, you should use pageexec. |
Archives