| 1 |
Hi all, |
| 2 |
Tried to push grsec&PaX settings to the limits. Used quite all settings from quickstart-guide and got this with paxtest-0.9.5: |
| 3 |
...BEGIN CUT ... |
| 4 |
PaXtest - Copyright(c) 2003 by Peter Busser <peter@×××××××××.org> |
| 5 |
Released under the GNU Public Licence version 2 or later |
| 6 |
|
| 7 |
It may take a while for the tests to complete |
| 8 |
Test results: |
| 9 |
PaXtest - Copyright(c) 2003 by Peter Busser <peter@×××××××××.org> |
| 10 |
Released under the GNU Public Licence version 2 or later |
| 11 |
|
| 12 |
Executable anonymous mapping : Killed |
| 13 |
Executable bss : Killed |
| 14 |
Executable data : Killed |
| 15 |
Executable heap : Killed |
| 16 |
Executable stack : Killed |
| 17 |
Executable anonymous mapping (mprotect) : Killed |
| 18 |
Executable bss (mprotect) : Killed |
| 19 |
Executable data (mprotect) : Killed |
| 20 |
Executable heap (mprotect) : Killed |
| 21 |
Executable shared library bss (mprotect) : Killed |
| 22 |
Executable shared library data (mprotect): Killed |
| 23 |
Executable stack (mprotect) : Killed |
| 24 |
Anonymous mapping randomisation test : 16 bits (guessed) |
| 25 |
Heap randomisation test (ET_EXEC) : 25 bits (guessed) |
| 26 |
Heap randomisation test (ET_DYN) : 25 bits (guessed) |
| 27 |
Main executable randomisation (ET_EXEC) : 17 bits (guessed) |
| 28 |
Main executable randomisation (ET_DYN) : 17 bits (guessed) |
| 29 |
Shared library randomisation test : 16 bits (guessed) |
| 30 |
Stack randomisation test (SEGMEXEC) : 23 bits (guessed) |
| 31 |
Stack randomisation test (PAGEEXEC) : 23 bits (guessed) |
| 32 |
Return to function (strcpy) : Vulnerable |
| 33 |
Return to function (strcpy, RANDEXEC) : Vulnerable |
| 34 |
Return to function (memcpy) : Vulnerable |
| 35 |
Return to function (memcpy, RANDEXEC) : Vulnerable |
| 36 |
Executable shared library bss : Killed |
| 37 |
Executable shared library data : Killed |
| 38 |
Writable text segments : Killed |
| 39 |
... END CUT ... |
| 40 |
1.Could something be done about this 4 'Vuln.' left? |
| 41 |
PS: can't use ACL for now as i'm on reiserfs3, so no easy acl support still. Am i wrong? |
| 42 |
2.Also managed to get xorg-X11-6.7.0-r1 to work using these settings, compiled it with USE="static -hardened" so no modules loading (thanks to forums.grsecurity.net). But can't get it to work with the binary-nvidia driver 'nvidia' works only with 2-D 'nv' driver, but for now it's enough for me. Nvidia-kernel module is loaded, so maybe it's something to do with loading kernel-glx module and xorg-x11 being'static'. Suggestions? |
| 43 |
3.Problems with paxtest-0.9.6 (still not in portage). Took it from adamantix.org project page. Can't compile it some error there: |
| 44 |
..BEGIN CUT... |
| 45 |
make gentoo |
| 46 |
make -f Makefile.Gentoo |
| 47 |
make[1]: Entering directory `/home/gentoo/src/paxtest-0.9.6' |
| 48 |
gcc -specs=dumpspecs -o anonmap body.o anonmap.o |
| 49 |
body.o(.text+0x131): In function `main': |
| 50 |
: undefined reference to `pthread_create' |
| 51 |
body.o(.text+0x14a): In function `main': |
| 52 |
: undefined reference to `pthread_kill' |
| 53 |
collect2: ld returned 1 exit status |
| 54 |
make[1]: *** [anonmap] Error 1 |
| 55 |
make[1]: Leaving directory `/home/gentoo/src/paxtest-0.9.6' |
| 56 |
make: *** [gentoo] Error 2 |
| 57 |
...END CUT... |
| 58 |
i'm compiling with grsec turned ON and GCC-3.3.3-r6 (hardened i think). |
| 59 |
paxtest-0.9.5 compiles OK. |
| 60 |
TIA. |
| 61 |
Rumen |
Archives