From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from pigeon.gentoo.org ([69.77.167.62] helo=lists.gentoo.org)
	by finch.gentoo.org with esmtp (Exim 4.60)
	(envelope-from <gentoo-hardened+bounces-2389-garchives=archives.gentoo.org@lists.gentoo.org>)
	id 1LQ5C9-0002IP-B0
	for garchives@archives.gentoo.org; Thu, 22 Jan 2009 19:26:29 +0000
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id 1A498E057B;
	Thu, 22 Jan 2009 19:26:28 +0000 (UTC)
Received: from rv-out-0506.google.com (rv-out-0506.google.com [209.85.198.232])
	by pigeon.gentoo.org (Postfix) with ESMTP id DFDF7E057B
	for <gentoo-hardened@lists.gentoo.org>; Thu, 22 Jan 2009 19:26:27 +0000 (UTC)
Received: by rv-out-0506.google.com with SMTP id f9so29003rvb.2
        for <gentoo-hardened@lists.gentoo.org>; Thu, 22 Jan 2009 11:26:27 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=gamma;
        h=domainkey-signature:mime-version:received:in-reply-to:references
         :date:message-id:subject:from:to:content-type
         :content-transfer-encoding;
        bh=I1+jCsQn3JLGoyTuBwt2td2nrvdbkbTjPaGt4pqhRAA=;
        b=fLzS7UwseSWuiRqsNAc5k+nHsmc+F4TdmT0KIS/QjBmxaabhQxIxTsjQSLDCuiFGXk
         Kwm5Y4Z38fv18iwauM5SHGDgUxEu/Aoc078QY59sWdP4/uJfPeD/hvcJ7xYwue3skN0n
         jUdFYtzT4ZU5eyOjjp9jDyvcAyDG6Zmer15HA=
DomainKey-Signature: a=rsa-sha1; c=nofws;
        d=gmail.com; s=gamma;
        h=mime-version:in-reply-to:references:date:message-id:subject:from:to
         :content-type:content-transfer-encoding;
        b=U8PVq5pPxjib5YI9CTdo8C3VCQO7D7Kct2o1qhELeuEQXwgyrjvDdo/civYhchu/7D
         8U1vWsx5xFrqRsZOYefiDNwgkY0EtxKKDm16pxpGJL+SO8NpAPVcXwGmOcrgtFPdx4ZM
         KEU2u8tb9xTLac7FSUj71gDhPxjT5L+X6PfKo=
Precedence: bulk
List-Post: <mailto:gentoo-hardened@lists.gentoo.org>
List-Help: <mailto:gentoo-hardened+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-hardened+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-hardened+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-hardened.gentoo.org>
X-BeenThere: gentoo-hardened@lists.gentoo.org
Reply-to: gentoo-hardened@lists.gentoo.org
MIME-Version: 1.0
Received: by 10.141.197.14 with SMTP id z14mr2634045rvp.63.1232652387284; Thu, 
	22 Jan 2009 11:26:27 -0800 (PST)
In-Reply-To: <49bf44f10901221106n630d668fwc7fe390f53a600b8@mail.gmail.com>
References: <49bf44f10901221106n630d668fwc7fe390f53a600b8@mail.gmail.com>
Date: Thu, 22 Jan 2009 12:26:26 -0700
Message-ID: <4255c2570901221126p1d52dbc3r649fbf21793fd49a@mail.gmail.com>
Subject: Re: [gentoo-hardened] 'paxctl -m bin' everything that complains?
From: RB <aoz.syn@gmail.com>
To: gentoo-hardened@lists.gentoo.org
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
X-Archives-Salt: 01b941e6-58e4-462d-8a80-c43341caea58
X-Archives-Hash: 2fcf75de3583d202d9c597a71d375ee8

On Thu, Jan 22, 2009 at 12:06, Grant <emailgrant@gmail.com> wrote:
> I'm getting a lot of messages like this in dmesg:
>
> "denied resource overstep by requesting 4096 for RLIMIT_CORE"
>
> Should I 'paxctl -m bin' all of these even if they seem to function OK anyway?

You're barking up the wrong tree.  Applications are trying to coredump
(or prepare for one), and your default size limit for that (0) is
lower than what they're trying to allocate.  You're seeing those
specific logs because you have CONFIG_GRKERNSEC_RESLOG on, but it
would be happening whether or not you were running -hardened.

Check out 'ulimit -a' or search for 'ulimit' in bash(1).