From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from lists.gentoo.org ([140.105.134.102] helo=robin.gentoo.org) by nuthatch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1FiJ8b-0004bP-L0 for garchives@archives.gentoo.org; Mon, 22 May 2006 22:44:34 +0000 Received: from robin.gentoo.org (localhost [127.0.0.1]) by robin.gentoo.org (8.13.6/8.13.6) with SMTP id k4MMeiFm019250; Mon, 22 May 2006 22:40:44 GMT Received: from skinny.southernlinux.net (cheap.rednecks.net [64.192.55.254]) by robin.gentoo.org (8.13.6/8.13.6) with ESMTP id k4MMegUq018266 for ; Mon, 22 May 2006 22:40:42 GMT Received: (qmail 9260 invoked by uid 210); 22 May 2006 18:39:38 -0400 Received: from 10.99.99.199 by skinny (envelope-from , uid 201) with qmail-scanner-1.25st (clamdscan: 0.88.1/1474. f-prot: 4.4.2/3.14.11. spamassassin: 3.1.0. perlscan: 1.25st. Clear:RC:1(10.99.99.199):. Processed in 0.07983 secs); 22 May 2006 22:39:38 -0000 Received: from unknown (HELO ?10.99.99.199?) (10.99.99.199) by 0 with SMTP; 22 May 2006 18:39:38 -0400 Subject: Re: [gentoo-hardened] SELinux problem -> avc: denied {execmem} From: Ned Ludd To: gentoo-hardened@lists.gentoo.org In-Reply-To: <44723080.14580.10D3D84@pageexec.freemail.hu> References: <20060522060427.GA7073@peter.avira.local> <44723080.14580.10D3D84@pageexec.freemail.hu> Content-Type: text/plain Organization: Gentoo Linux Date: Mon, 22 May 2006 18:40:41 -0400 Message-Id: <1148337641.6851.26.camel@localhost> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-hardened@gentoo.org Reply-to: gentoo-hardened@lists.gentoo.org Mime-Version: 1.0 X-Mailer: Evolution 2.4.2.1 Content-Transfer-Encoding: 7bit X-Archives-Salt: 63b3eec9-e227-4f74-a753-cc18d5692f31 X-Archives-Hash: 1b034059433b80edb0b7fd2aa1c88256 On Mon, 2006-05-22 at 21:43 +0200, pageexec@freemail.hu wrote: > On 22 May 2006 at 19:32, Jan Meier wrote: > > > do you have a new gentoo setup there or did you migrate an old install? > > The gentoo installation is two month old, I migrated to SELinux. > > It is a PPC, could this be a problem? > > i'm wondering if it's the ppc .plt issue that PaX runs against as well > (it's rwx and runtime generated -> not good). a year ago or so Red Hat > people added secureplt support to binutils/ld, (hardened) gentoo should > probably take a look. > > http://gcc.gnu.org/ml/gcc-patches/2005-05/msg01134.html > http://sources.redhat.com/ml/binutils/2005-05/msg00391.html Last we spoke about this I thought you said it was reverted. Btw. I'm running a ppc box with pretty great success with most of the supported PaX features enabled. (only bugs thus far have been with SPP and a few pkgs (glibc/busybox/gcc) but I'm sure that wont shock you :) Linux luna 2.6.14-hardened #1 Tue Nov 15 21:55:38 UTC 2005 ppc 7447/7457, altivec supported GNU/Linux 128bb000-128c1000 r-xp 00000000 03:03 1703959 /bin/cat 128cb000-128cc000 r--p 00010000 03:03 1703959 /bin/cat 128cc000-128cd000 rw-p 00011000 03:03 1703959 /bin/cat 128cd000-128fb000 rw-p 128cd000 00:00 0 [heap] 32cc6000-32cde000 r-xp 00000000 03:03 205825 /lib/ld-2.3.5.so 32cde000-32cdf000 rw-p 32cde000 00:00 0 32ce6000-32ce7000 r--p 00020000 03:03 205825 /lib/ld-2.3.5.so 32ce7000-32ce8000 rw-p 00021000 03:03 205825 /lib/ld-2.3.5.so 32ce8000-32ce9000 rw-p 32ce8000 00:00 0 32cea000-32cee000 r-xp 00000000 03:03 205787 /lib/libaudit.so 32cee000-32cfa000 ---p 00004000 03:03 205787 /lib/libaudit.so 32cfa000-32cfb000 r--p 00010000 03:03 205787 /lib/libaudit.so 32cfb000-32cfc000 rw-p 00011000 03:03 205787 /lib/libaudit.so 32d06000-32e29000 r-xp 00000000 03:03 205828 /lib/libc-2.3.5.so 32e29000-32e36000 ---p 00123000 03:03 205828 /lib/libc-2.3.5.so 32e36000-32e38000 r--p 00130000 03:03 205828 /lib/libc-2.3.5.so 32e38000-32e3c000 rw-p 00132000 03:03 205828 /lib/libc-2.3.5.so 32e3c000-32e3e000 rw-p 32e3c000 00:00 0 32e3e000-32e40000 r-xp 00000000 03:03 205830 /lib/libdl-2.3.5.so 32e40000-32e4e000 ---p 00002000 03:03 205830 /lib/libdl-2.3.5.so 32e4e000-32e4f000 r--p 00010000 03:03 205830 /lib/libdl-2.3.5.so 32e4f000-32e50000 rw-p 00011000 03:03 205830 /lib/libdl-2.3.5.so 7904f000-79065000 rw-p 7904f000 00:00 0 [stack] -- Ned Ludd Gentoo Linux -- gentoo-hardened@gentoo.org mailing list