From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1LfiIM-0003cO-AA for garchives@archives.gentoo.org; Fri, 06 Mar 2009 22:13:30 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 8F07CE0268; Fri, 6 Mar 2009 22:13:28 +0000 (UTC) Received: from r00tworld.com (r00tworld.com [212.85.137.21]) by pigeon.gentoo.org (Postfix) with ESMTP id CA7FAE0268 for ; Fri, 6 Mar 2009 22:13:27 +0000 (UTC) Received: from localhost (localhost.localdomain [127.0.0.1]) by r00tworld.com (8.13.1/8.13.1) with ESMTP id n26MDPK2028440 for ; Fri, 6 Mar 2009 23:13:26 +0100 Received: from r00tworld.com ([127.0.0.1]) by localhost (r00tworld.com [127.0.0.1]) (amavisd-new, port 10024) with LMTP id 22050-08 for ; Fri, 6 Mar 2009 23:13:24 +0100 (CET) Received: from [192.168.1.14] (x.r00tworld.com [212.85.137.21]) by r00tworld.com (8.13.1/8.13.1) with ESMTP id n26MDIg5028431 (version=TLSv1/SSLv3 cipher=DES-CBC3-SHA bits=168 verify=NO) for ; Fri, 6 Mar 2009 23:13:19 +0100 From: pageexec@freemail.hu To: gentoo-hardened@lists.gentoo.org Date: Fri, 06 Mar 2009 23:12:59 +0200 Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-hardened@lists.gentoo.org Reply-to: gentoo-hardened@lists.gentoo.org MIME-Version: 1.0 Subject: Re: [gentoo-hardened] 2.6.27-hardened-r8: assassination Message-ID: <49B19FEB.13855.19525701@pageexec.freemail.hu> Priority: normal In-reply-to: <20090306215141.GA3005@home.power> References: <20090306151313.GB1926@home.power>, <49B16B41.31874.18849D3B@pageexec.freemail.hu>, <20090306215141.GA3005@home.power> X-mailer: Pegasus Mail for Windows (4.50 PB1) Content-type: text/plain; charset=US-ASCII Content-transfer-encoding: 7BIT Content-description: Mail message body X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-2.1.12 (r00tworld.com [212.85.137.21]); Fri, 06 Mar 2009 23:13:19 +0100 (CET) X-Virus-Scanned: r00tworld Anti-Virus System X-Archives-Salt: 081462ce-2c97-4a56-849e-c77a3241f743 X-Archives-Hash: 494f7f5b97615b797e756b40be25c10f On 6 Mar 2009 at 23:51, Alex Efros wrote: > When I run apache for the first time after reboot - without strace/core, > just to see is it crash - I got this in kernel log: > > 2009-03-06_20:48:56.60108 kern.info: apache2[4621]: segfault at > 4d554ed0 ip 4d541399 sp 594130d0 error 7 in ld-2.6.1.so[4d53a000+1a000] ah crap, i know what it is. it's a several years old glibc bug where someone put a certain variable into the RELRO segment but forgot that it'll be written to later when a library with RWE GNU_STACK is loaded. the workaround is to find that library (just extract them from strace, probably it'll be pari's library) and run execstack -c on it.