[grsec] pax and kaspersky kavscanner
Nabil SEFRIOUI
admin at osmium-work.com
Tue Mar 8 15:07:48 EST 2005
Hi,
i'm using kaspersky with a pax enabled system, Hardened Linux From
Scratch (HLFS SVN-20050225) in my case, and there is no visible
problem, kaspersky kavscanner and ave{server,client} works just fine.
I'm not a toolchain expert and i can't explain why things are
working ... :) all i can say is that i have faced the kaspersky/pax
problem in the past with a regular LFS build+grsecurity(pax enabled)
HLFS differs from LFS in the nature of building, HLFS comes whith GCC
Stack Smatching Protector and Position Independent Exectuables enabled
by default and the whole system is built whith these extentions
if someone can give us a real explanation, it will be welcome...
Le Mardi 08 Mars 2005 08:54, Peter S. Mazinger a écrit :
> On Mon, 7 Mar 2005, Jens-Uwe Katolla wrote:
> > hello,
> >
> > i have a pax enabled kernel and try to use kavscanner on that
> > machine.
> >
> > unfortunately kavscanner is killed by pax. If i change the flags
> > with chpax kavscaner refuses to start because it has a signed
> > executable and after changing the elf-flags this signature is
> > detected as invalid.
> >
> > what options do i have to use pax on this system. I dont want to
> > use softmode. paxctl does not seem to have any effect at all, after
> > setting some flags with paxctl i cant see them using "paxctl -v"
> >
> > anybody here who is using pax and kaspersky together?
>
> I have marked kavscanner w/ chpax (paxctl is useless here), and wrote
> a shell script, ignoring the message saying that the file is damaged
>
> Peter
More information about the grsecurity
mailing list