From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from lists.gentoo.org ([140.105.134.102] helo=robin.gentoo.org) by nuthatch.gentoo.org with esmtp (Exim 4.50) id 1ETNdy-0003vP-CW for garchives@archives.gentoo.org; Sat, 22 Oct 2005 17:58:58 +0000 Received: from robin.gentoo.org (localhost [127.0.0.1]) by robin.gentoo.org (8.13.5/8.13.5) with SMTP id j9MHrcuF031197; Sat, 22 Oct 2005 17:53:38 GMT Received: from sunspire.org ([82.78.100.23]) by robin.gentoo.org (8.13.5/8.13.5) with SMTP id j9MHrbv5011987 for ; Sat, 22 Oct 2005 17:53:37 GMT Received: (qmail 16467 invoked from network); 22 Oct 2005 17:56:33 -0000 X-Spam-Checker-Version: SpamAssassin 3.1.0 (2005-09-13) on starshine.sunspire.org X-Spam-Level: X-Spam-Status: No, score=-2.0 required=4.0 tests=ALL_TRUSTED,AWL autolearn=disabled version=3.1.0 Received: from wpeter.sunspire.org (HELO peter) (10.0.1.4) by mail.sunspire.org with SMTP; 22 Oct 2005 17:56:31 -0000 Date: Sat, 22 Oct 2005 20:56:31 +0300 From: Petre Rodan To: gentoo-hardened@lists.gentoo.org Subject: Re: [gentoo-hardened] mysql 4.1 requires shlib_t:file execmod? Message-ID: <20051022175631.GA16128@peter.sunspire.org> Mail-Followup-To: gentoo-hardened@lists.gentoo.org References: <435A7CA9.4596.A4DE07A0@pageexec.freemail.hu> <435A91E4.28438.A530F894@pageexec.freemail.hu> <1130002295.5415.1.camel@localhost.localdomain> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-hardened@gentoo.org Reply-to: gentoo-hardened@lists.gentoo.org Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="XsQoSWH+UP9D9v3l" Content-Disposition: inline In-Reply-To: <1130002295.5415.1.camel@localhost.localdomain> User-Agent: mutt-ng/devel (Linux) X-Archives-Salt: cdfe8d99-ef09-4e80-9686-17c050f94fbb X-Archives-Hash: 18e3050deb6a4685dbd4041b35f91c0c --XsQoSWH+UP9D9v3l Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sat, Oct 22, 2005 at 06:31:35PM +0100, Antoine Martin wrote: > On Sat, 2005-10-22 at 19:24 +0200, pageexec@freemail.hu wrote: > > On 22 Oct 2005 at 17:37, Antoine Martin wrote: > > > scanelf -T /usr/lib/libmysqlclient.so.14 > > > shows nothing at all. > > > (I also tried adding a -R, even -a shows nothing!) > >=20 > > ok, so it's not textrels, can you post an strace output then? > Ah, I thought I could, but strace won't run in enforcing mode (which is n= eeded to make it break) > strace: ptrace(PTRACE_TRACEME, ...): Permission denied >=20 > And since there is no audit message, I don't know how to allow it. allow sysadm_t domain:process ptrace; allow initrc_t domain:process ptrace; > Thanks > Antoine >=20 > --=20 > gentoo-hardened@gentoo.org mailing list >=20 bye, peter --=20 petre rodan Developer, Hardened Gentoo Linux=20 --XsQoSWH+UP9D9v3l Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2-ecc0.1.6 (GNU/Linux) iD8DBQFDWn1OGSBEIeh4AEYRAj6mAJ9hqILo8ViEYqSxhG9n3n8gw/7uJgCeKyaV 4KQXrS/znmc/nWw4TVfaaYE= =F1yT -----END PGP SIGNATURE----- --XsQoSWH+UP9D9v3l-- -- gentoo-hardened@gentoo.org mailing list