[rsbac] PAX PAGEXEC doesn't work on 2.6.7 rsbac kernel

Amon Ott ao at rsbac.org
Mon Jan 10 16:40:03 CET 2005

On Montag, 10. Januar 2005 10:20, Andrea Pasquinucci wrote:
> Hi, I attach the paxtest-0.6.9 output from one of my machines 
> 2.6.7-rsbac-v1.2.3-bf7-pax-soft built from the same prepatched 
> You can find the kernel I use on 
> as RPM. As you see, all the first tests are killed, so there should 
> something wrong in your building the kernel. I attach also my kernel 
> config for you to check.

The issue has just been solved: The RSBAC default PaX flags do not 
enable PAGEEXEC, which was the recommended behaviour. The kernel in 
question had no SEGMEXEC support, so no protection was left.

If you encounter the same problem, either apply bugfix v1.2.3-11, 
which adds the flag, or change it by hand in include/rsbac/types.h.

http://www.rsbac.org - GnuPG: 2048g/5DEAAA30 2002-10-22
-------------- nächster Teil --------------
Ein Dateianhang mit Bin?rdaten wurde geschreddert...
Dateiname   : nicht verf?gbar
Dateityp    : application/pgp-signature
Dateigr??e  : 189 bytes
Beschreibung: signature
URL         : http://www.rsbac.org/pipermail/rsbac/attachments/20050110/9209dc06/attachment.bin

More information about the rsbac mailing list