[grsec] pax and kaspersky kavscanner

Jens-Uwe Katolla katolla at otris.de
Wed Mar 9 07:02:57 EST 2005


Hallo,

i am using kav4linux-5.0.5 too but here it is killed as i said before.
The linux distro is a "gentoo hardened" build from stage1. The system is 
sopposed to become a mailserver with virus-scanner for our company.

Maybe you dont have the "restrict mprotect" active or you have a default 
rule in your /etc/grsec/policy config file.

As told i am confused about the documentation on grsecurity, how do i 
correctly disable the mprotect feature using the policy file? The 
documentation says "M" ist the right flag, but in the sample policy "M" 
means something completly different, it seems the documentation is 
outdated.

Somebody here who has solved this kav issue using the policy file who can 
post the policy here?


On Tue, 8 Mar 2005, Nabil SEFRIOUI wrote:

> Le Mardi 08 Mars 2005 21:49, Peter S. Mazinger a écrit :
> 
> > it would help to know which version you have
> > 3.x and 4.0.x need chpax for sure
> > you can check chpax -v kavscanner/aveserver/avclient to see the set
> > flags on your version (maybe HLFS sets it correctly)
> 
> sorry i forget to mention this, i'm using kav4linux-5.0.5 and paxctl 
> v0.2 (not chpax) and paxctl -v gives no infos for kaspersky binary 
> since they aren't compilied whith HLFS toolchain.
> may be kaspersky code is clean now, begining with the 5.x series, it 
> seems that kaspersky products have been reworked for better usability 
> for unix ...
> 
> additional infos : i have RANDEXEC and EMUTRAMP disabled, all other pax 
> features are enabled
> _______________________________________________
> grsecurity mailing list
> grsecurity at grsecurity.net
> http://grsecurity.net/cgi-bin/mailman/listinfo/grsecurity
> 

-- 
Jens-Uwe Katolla                         katolla at otris.de

otris software AG                        http://www.otris.de
Landgrafenstr. 153                       Fon  +49 (0)231  95 80 69 -0
D-44139 Dortmund                         Fax  +49 (0)231  95 80 69 -44




More information about the grsecurity mailing list