[grsec] pax and kaspersky kavscanner
Jens-Uwe Katolla
katolla at otris.de
Tue Mar 8 01:38:38 EST 2005
Hallo pageexec,
yes you are right, best thing would be if kaspersky stops this self
encryption/self signing thing. And even beter would be if kaspersky writes
clean code which isn't killed by pax.
But i think it could be nice to have a config file where i can tell which
executables are unclean and where pax should drop some of it checking
features or does that open to many holes in the pax system? Maybe as an
compile-time option like softmode.
On Tue, 8 Mar 2005 pageexec at freemail.hu wrote:
> > unfortunately kavscanner is killed by pax. If i change the flags with
> > chpax kavscaner refuses to start because it has a signed executable and
> > after changing the elf-flags this signature is detected as invalid.
> >
> > what options do i have to use pax on this system. I dont want to use
> > softmode. paxctl does not seem to have any effect at all, after setting
> > some flags with paxctl i cant see them using "paxctl -v"
>
> 1. you can use the RBAC system to turn off pax flags without having
> to touch the executable (paxctl works only if the target has a
> PT_PAX_FLAGS program header, and even then it'd mean changing the
> file)
>
> 2. you can tell kaspersky labs to stop this silly self-encryption/check
> thing, it doesn't do anything useful.
>
>
mfg
--
Jens-Uwe Katolla katolla at otris.de
otris software AG http://www.otris.de
Landgrafenstr. 153 Fon +49 (0)231 95 80 69 -0
D-44139 Dortmund Fax +49 (0)231 95 80 69 -44
More information about the grsecurity
mailing list