[grsec] Fwd: Re: Bug#336461: debhelper: dh_fixperms - xargs:
chown: Argument list too long
pageexec at freemail.hu
pageexec at freemail.hu
Tue Nov 8 19:02:04 EST 2005
On 8 Nov 2005 at 19:04, Bernd Zeimetz wrote:
> is this a supposed behaviour in grsec? And if yes, is it possible to make
> (getconf ARG_MAX)-(printenv | wc -m) a reliable number again?
it is a reliable number (as in, it's a constant) but its use is
based on the assumption that it reflects the actually usable space
on the initial userland stack. due to the stack randomization that
PaX does, this assumption is no longer valid as there's an up to
PAGE_SIZE large random padding at the bottom of the stack that is
not accounted for in the environment. i thought of a quick workaround,
i'd appreciate if you gave it a try (patch might be whitespace damaged):
--- linux-2.6.14-pax/include/linux/binfmts.h 2005-10-28 12:07:46.000000000 +0200
+++ linux-2.6.14-pax/include/linux/binfmts.h 2005-11-09 00:49:42.000000000 +0100
@@ -7,10 +7,10 @@
/*
* MAX_ARG_PAGES defines the number of pages allocated for arguments
- * and envelope for the new program. 32 should suffice, this gives
- * a maximum env+arg of 128kB w/4KB pages!
+ * and envelope for the new program. 33 should suffice, this gives
+ * a maximum env+arg of 132kB w/4KB pages!
*/
-#define MAX_ARG_PAGES 32
+#define MAX_ARG_PAGES 33
/* sizeof(linux_binprm->buf) */
#define BINPRM_BUF_SIZE 128
More information about the grsecurity
mailing list