[grsec] pax and kaspersky kavscanner

Peter S. Mazinger ps.m at gmx.net
Tue Mar 8 16:49:36 EST 2005 

On Tue, 8 Mar 2005, Nabil SEFRIOUI wrote:

> Hi,
> 
> i'm using kaspersky with a pax enabled system, Hardened Linux From 
> Scratch (HLFS SVN-20050225) in my case, and there is no visible 
> problem, kaspersky kavscanner and ave{server,client} works just fine.
> 
> I'm not a toolchain expert and i can't explain why things are 
> working ... :) all i can say is that i have faced the kaspersky/pax 
> problem in the past with a regular LFS build+grsecurity(pax enabled)
> 
> HLFS differs from LFS in the nature of building, HLFS comes whith GCC 
> Stack Smatching Protector and Position Independent Exectuables enabled 
> by default and the whole system is built whith these extentions
> 
> if someone can give us a real explanation, it will be welcome...

it would help to know which version you have
3.x and 4.0.x need chpax for sure
you can check chpax -v kavscanner/aveserver/avclient to see the set flags 
on your version (maybe HLFS sets it correctly)

Peter

> 
> 
> Le Mardi 08 Mars 2005 08:54, Peter S. Mazinger a écrit :
> > On Mon, 7 Mar 2005, Jens-Uwe Katolla wrote:
> > > hello,
> > >
> > > i have a pax enabled kernel and try to use kavscanner on that
> > > machine.
> > >
> > > unfortunately kavscanner is killed by pax. If i change the flags
> > > with chpax kavscaner refuses to start because it has a signed
> > > executable and after changing the elf-flags this signature is
> > > detected as invalid.
> > >
> > > what options do i have to use pax on this system. I dont want to
> > > use softmode. paxctl does not seem to have any effect at all, after
> > > setting some flags with paxctl i cant see them using "paxctl -v"
> > >
> > > anybody here who is using pax and kaspersky together?
> >
> > I have marked kavscanner w/ chpax (paxctl is useless here), and wrote
> > a shell script, ignoring the message saying that the file is damaged
> >
> > Peter
> _______________________________________________
> grsecurity mailing list
> grsecurity at grsecurity.net
> http://grsecurity.net/cgi-bin/mailman/listinfo/grsecurity
> 
> 

-- 
Peter S. Mazinger <ps dot m at gmx dot net>           ID: 0xA5F059F2
Key fingerprint = 92A4 31E1 56BC 3D5A 2D08  BB6E C389 975E A5F0 59F2

More information about the grsecurity mailing list