Gentoo Archives: gentoo-hardened

From:	"Javier J. Martínez Cabezón" <tazok.id0@×××××.com>
To:	gentoo-hardened@l.g.o
Subject:	Re: [gentoo-hardened] RLIMIT_MEMLOCK but can't paxctl -m
Date:	Sun, 25 Jan 2009 17:28:14
Message-Id:	`897813410901250928p515349cdua657d6f519edd194@mail.gmail.com`
In Reply to:	Re: [gentoo-hardened] RLIMIT_MEMLOCK but can't paxctl -m by Grant

1	PaX flags only marks elf files not scripts.
2
3	2009/1/25 Grant <emailgrant@×××××.com>:
4	>> can you put the output of file /usr/bin/miro?
5	>
6	> That file is just:
7	>
8	> #!/bin/sh
9	> miro.real "$@"
10	>
11	> and /usr/bin/miro.real is a python script.
12	>
13	> - Grant
14	>
15	>
16	>>> I'm getting:
17	>>>
18	>>> grsec: denied resource overstep by requesting 135168 for
19	>>> RLIMIT_MEMLOCK against limit 32768 for
20	>>> /usr/bin/miro.real[miro.real:12965] uid/euid:1000/1000
21	>>> gid/egid:100/100, parent /usr/bin/miro[miro:12964] uid/euid:1000/1000
22	>>> gid/egid:100/100
23	>>>
24	>>> but both 'paxctl -m /usr/bin/miro' and 'paxctl -m /usr/bin/miro.real'
25	>>> return "file is not a valid ELF executable". Am I using the wrong
26	>>> command?
27	>>>
28	>>> - Grant
29	>
30	>

Subject	Author
Re: [gentoo-hardened] RLIMIT_MEMLOCK but can't paxctl -m	Grant <emailgrant@×××××.com>