[grsec] PaX
Rene Amirkhanian
rene.amirkhanian at nbs-system.com
Mon May 2 12:24:31 EDT 2005
Hello,
The answer lies in the grsecurity forums.
You should take a look and try libsafe.
Regards,
René Amirkhanian
-----Original Message-----
From: grsecurity-bounces at grsecurity.net
[mailto:grsecurity-bounces at grsecurity.net] On Behalf Of Banszki Gabor
Sent: lundi 2 mai 2005 17:20
To: grsecurity at grsecurity.net
Subject: [grsec] PaX
Hi guys,
I just patched a kernel 2.6.11.7 with grsec, and activated the PaX flags
below:
grsec:/usr/src/linux# cat .config | grep PAX | grep -v set CONFIG_PAX=y
CONFIG_PAX_SOFTMODE=y CONFIG_PAX_EI_PAX=y CONFIG_PAX_PT_PAX_FLAGS=y
CONFIG_PAX_NO_ACL_FLAGS=y CONFIG_PAX_NOEXEC=y CONFIG_PAX_PAGEEXEC=y
CONFIG_PAX_SEGMEXEC=y CONFIG_PAX_DEFAULT_SEGMEXEC=y CONFIG_PAX_MPROTECT=y
CONFIG_PAX_ASLR=y CONFIG_PAX_RANDKSTACK=y CONFIG_PAX_RANDUSTACK=y
CONFIG_PAX_RANDMMAP=y CONFIG_PAX_NOVSYSCALL=y
After the paxtest-0.9.5 I have 5 remaining vulnerablity:
ain executable randomisation (ET_EXEC) : No randomisation
Return to function (strcpy) : Vulnerable
Return to function (strcpy, RANDEXEC) : Vulnerable
Return to function (memcpy) : Vulnerable
Return to function (memcpy, RANDEXEC) : Vulnerable
I read all documents on http://pax.grsecurity.net, but I don't understand
what is the cause of this?
What do I have to do for activating these 5 features?
Thank you....
Gabor Banszki
_______________________________________________
grsecurity mailing list
grsecurity at grsecurity.net
http://grsecurity.net/cgi-bin/mailman/listinfo/grsecurity
More information about the grsecurity
mailing list