[grsec] GRKERNSEC_BRUTE and ret2libc

Pavel Labushev p.labushev at gmail.com
Sun Oct 11 03:26:15 EDT 2009


I was thinking of GRKERNSEC_BRUTE... gr_handle_brute_attach() is called
only when a child fails with SIGKILL or SIGILL, but not with SIGSEGV.
Why is that? I mean, segmentation failure may happen because of some
ret2libc-style exploit failed, so it seems like a good idea to call
gr_handle_brute_attach() when SIGSEGV occurs. But I'm sure there's a
reason why that's not implemented already. Can anybody explain, why? Brad?


More information about the grsecurity mailing list