Archives
Archives
| From: | Kyle Bader <kyle.bader@×××××.com> | ||
|---|---|---|---|
| To: | gentoo-hardened@l.g.o | ||
| Subject: | Re: [gentoo-hardened] FYI: Clamav bytecode feature isn't compatible with PaX | ||
| Date: | Thu, 22 Jul 2010 15:02:57 | ||
| Message-Id: | AANLkTimUokS1z1_3jExwIlIIiHztWhLpDivDZOjLQCbm@mail.gmail.com | ||
| In Reply to: | [gentoo-hardened] FYI: Clamav bytecode feature isn't compatible with PaX by "Tóth Attila" |
||
| 1 | > https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2092 |
| 2 | > http://bugs.gentoo.org/show_bug.cgi?id=326199 |
| 3 | > |
| 4 | > https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2092#c39 |
| 5 | > It raises two questions: |
| 6 | > 1. What is the neat way of detecting PaX running on a system? |
| 7 | |
| 8 | http://tk-blog.blogspot.com/2009/02/checksec.html |
| 9 | |
| 10 | > 2. Edwin Török says PaX allows RWX mapping and kills the program after that. |
| 11 | |
| 12 | http://pax.grsecurity.net/docs/pageexec.txt |
| 13 | |
| 14 | -- |
| 15 | |
| 16 | Kyle |