[rsbac] PAX PAGEXEC doesn't work on 2.6.7 rsbac kernel
Amon Ott
ao at rsbac.org
Mon Jan 10 16:40:03 CET 2005
On Montag, 10. Januar 2005 10:20, Andrea Pasquinucci wrote:
> Hi, I attach the paxtest-0.6.9 output from one of my machines
running
> 2.6.7-rsbac-v1.2.3-bf7-pax-soft built from the same prepatched
kernel.
> You can find the kernel I use on
http://fedora.rsbac.mprivacy-update.de/
> as RPM. As you see, all the first tests are killed, so there should
be
> something wrong in your building the kernel. I attach also my kernel
> config for you to check.
The issue has just been solved: The RSBAC default PaX flags do not
enable PAGEEXEC, which was the recommended behaviour. The kernel in
question had no SEGMEXEC support, so no protection was left.
If you encounter the same problem, either apply bugfix v1.2.3-11,
which adds the flag, or change it by hand in include/rsbac/types.h.
Amon.
--
http://www.rsbac.org - GnuPG: 2048g/5DEAAA30 2002-10-22
-------------- nächster Teil --------------
Ein Dateianhang mit Bin?rdaten wurde geschreddert...
Dateiname : nicht verf?gbar
Dateityp : application/pgp-signature
Dateigr??e : 189 bytes
Beschreibung: signature
URL : http://www.rsbac.org/pipermail/rsbac/attachments/20050110/9209dc06/attachment.bin
More information about the rsbac
mailing list