From: | Kyle Bader <kyle.bader@×××××.com> | ||
---|---|---|---|
To: | gentoo-hardened@l.g.o | ||
Subject: | Re: [gentoo-hardened] FYI: Clamav bytecode feature isn't compatible with PaX | ||
Date: | Thu, 22 Jul 2010 15:02:57 | ||
Message-Id: | AANLkTimUokS1z1_3jExwIlIIiHztWhLpDivDZOjLQCbm@mail.gmail.com | ||
In Reply to: | [gentoo-hardened] FYI: Clamav bytecode feature isn't compatible with PaX by "Tóth Attila" |
1 | > https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2092 |
2 | > http://bugs.gentoo.org/show_bug.cgi?id=326199 |
3 | > |
4 | > https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2092#c39 |
5 | > It raises two questions: |
6 | > 1. What is the neat way of detecting PaX running on a system? |
7 | |
8 | http://tk-blog.blogspot.com/2009/02/checksec.html |
9 | |
10 | > 2. Edwin Török says PaX allows RWX mapping and kills the program after that. |
11 | |
12 | http://pax.grsecurity.net/docs/pageexec.txt |
13 | |
14 | -- |
15 | |
16 | Kyle |