[grsec] grsec proc bug since 2.4.23 resurfaced
Auke Kok
sofar at lunar-linux.org
Fri Dec 10 07:09:09 EST 2004
Brad,
back in 2.4.23 I reported a possible PROCFS bug related to grsecurity
with 2.4.23 and it's grsec patch
http://lkml.org/lkml/2003/12/14/87
I fail to recall if I filed it with you or the grsec ML back then. I
think I did. I however notice this error report:
http://grsecurity.net/pipermail/grsecurity/2004-August/000020.html
which seems awkwardly related to my problem ;^)
The same behaviour has now resurfaced on a NEW machine (2.4.28 + 2.0.2)
and also on the old one too, so I have 3 cases of grsecurity (2 distinct
releases) where this problem occurs.
A demonstration:
root at espresso /proc # while sleep 1 ; do ls -ld net sys ; done
srwxrwxrwx 10 root root 0 2004-12-10 11:57 sys
srwxrwxrwx 4 httpd httpd 0 2004-12-10 11:58 net
srwxrwxrwx 10 root root 0 2004-12-10 11:58 sys
srwxrwxrwx 4 httpd httpd 0 2004-12-10 11:58 net
srwxrwxrwx 10 root root 0 2004-12-10 11:58 sys
srwxrwxrwx 4 httpd httpd 0 2004-12-10 11:58 net
srwxrwxrwx 10 root root 0 2004-12-10 11:58 sys
-r--r--r-- 4 xfce xfce 0 2004-12-10 11:58 net
srwxrwxrwx 10 root root 0 2004-12-10 11:58 sys
srwxrwxrwx 4 httpd httpd 0 2004-12-10 11:58 net
srwxrwxrwx 10 root root 0 2004-12-10 11:58 sys
-r--r--r-- 4 olivier xfce 0 2004-12-10 11:58 net
srwxrwxrwx 10 root root 0 2004-12-10 11:58 sys
drwxr-xr-x 4 root root 0 2004-12-10 11:58 net
srwxrwxrwx 10 root root 0 2004-12-10 11:58 sys
drwxr-xr-x 4 root root 0 2004-12-10 11:58 net
srwxrwxrwx 10 root root 0 2004-12-10 11:58 sys
-r-xr-xr-x 4 lunar lunar 0 2004-12-10 11:58 net
srwxrwxrwx 10 root root 0 2004-12-10 11:58 sys
?--------- 4 root root 0 2004-12-10 11:58 net
srwxrwxrwx 10 root root 0 2004-12-10 11:58 sys
?--------- 4 root root 0 2004-12-10 11:58 net
srwxrwxrwx 10 root root 0 2004-12-10 11:58 sys
?--------- 4 root root 0 2004-12-10 11:58 net
srwxrwxrwx 10 root root 0 2004-12-10 11:58 sys
?--------- 4 root root 0 2004-12-10 11:58 net
I believe that this is a consistent error and since I run plentyfull
other kernel patchsets around my suspicions are that the grsecurity
patch is the cause. I'll try myself to check the patch but I'm sure you
would know better where to look.
sofar
--
Auke Kok - sofar at lunar-linux.org
Lunar-Linux Project leader
More information about the grsecurity
mailing list