From mboxrd@z Thu Jan 1 00:00:00 1970
Received: from pigeon.gentoo.org ([69.77.167.62] helo=lists.gentoo.org)
by finch.gentoo.org with esmtp (Exim 4.60)
(envelope-from <gentoo-hardened+bounces-2360-garchives=archives.gentoo.org@lists.gentoo.org>)
id 1LN9rX-0003cM-Vx
for garchives@archives.gentoo.org; Wed, 14 Jan 2009 17:49:08 +0000
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
by pigeon.gentoo.org (Postfix) with SMTP id 573A5E0455;
Wed, 14 Jan 2009 17:49:06 +0000 (UTC)
Received: from mail-bw0-f21.google.com (mail-bw0-f21.google.com [209.85.218.21])
by pigeon.gentoo.org (Postfix) with ESMTP id E8F16E0455
for <gentoo-hardened@lists.gentoo.org>; Wed, 14 Jan 2009 17:49:05 +0000 (UTC)
Received: by bwz14 with SMTP id 14so1999469bwz.10
for <gentoo-hardened@lists.gentoo.org>; Wed, 14 Jan 2009 09:49:05 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=gmail.com; s=gamma;
h=domainkey-signature:received:received:message-id:date:from:to
:subject:in-reply-to:mime-version:content-type
:content-transfer-encoding:content-disposition:references;
bh=Z2yU+vK8vCn26Dse4WCUnblBaO0kQrKcpirDmW6IJ+A=;
b=HuhGJOw26zKaumYY153wyL6bQG1xlGXhvmbotAKfJlkNGm41Qed9H7A/FXOlmWEzhK
VFWGeObnZZeKI4ed1o1tRGgqb8sXa5muIjyG8sfXod0LaLjC8Et/FiUCyiIX8M63asDL
LhBL4n4lc8EE2kDn8lC0KHrVwpyBMxLJpi41Y=
DomainKey-Signature: a=rsa-sha1; c=nofws;
d=gmail.com; s=gamma;
h=message-id:date:from:to:subject:in-reply-to:mime-version
:content-type:content-transfer-encoding:content-disposition
:references;
b=OBaZlyn5b2Kyp8Svm7l95nWvIcwAEoxT14ukuKiKL1oidx4YHJPKT44632docwg2Wm
2wKIz5cb6Ll/k7K0RYL2GyqM7Z6eAI8m90xP5ek3OFQhdWPB7ywC8/8nOx79YiV46Oay
YYSPYPi52z1WkRmUUCUY1Kfo3Ik2rb+lewrxo=
Received: by 10.180.241.8 with SMTP id o8mr100617bkh.102.1231955344305;
Wed, 14 Jan 2009 09:49:04 -0800 (PST)
Received: by 10.180.208.18 with HTTP; Wed, 14 Jan 2009 09:49:04 -0800 (PST)
Message-ID: <49bf44f10901140949n1ebc71ednf7ffd8c1bac05daa@mail.gmail.com>
Date: Wed, 14 Jan 2009 09:49:04 -0800
From: Grant <emailgrant@gmail.com>
To: gentoo-hardened@lists.gentoo.org
Subject: Re: [gentoo-hardened] Which hardened kernel feature disables wine?
In-Reply-To: <1231905314.4856.11.camel@localhost>
Precedence: bulk
List-Post: <mailto:gentoo-hardened@lists.gentoo.org>
List-Help: <mailto:gentoo-hardened+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-hardened+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-hardened+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-hardened.gentoo.org>
X-BeenThere: gentoo-hardened@lists.gentoo.org
Reply-to: gentoo-hardened@lists.gentoo.org
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
References: <49bf44f10901131100t41a192d8n1d83ba116be42ce2@mail.gmail.com>
<1231877371.14355.33.camel@hangover> <496CF942.8020202@gentoo.org>
<49bf44f10901131306x3c6f9a41y5d0fdcefa3df4528@mail.gmail.com>
<1231882201.14355.36.camel@hangover>
<49bf44f10901131919scb16680i8f9974efaaaf9afe@mail.gmail.com>
<1231905314.4856.11.camel@localhost>
X-Archives-Salt: 73f3faed-b6a5-4213-8095-8628b2b3868f
X-Archives-Hash: 0a8e957da3ecf505fe5651e9a17ad60b
>> >> Thanks everyone, that worked great. Is there a way to get a list of
>> >> files which have been operated on by paxctl? I didn't see anything in
>> >> man paxctl.
>> >
>> >
>> > qlist -ao | scanelf -f - -q -x
>>
>> Thanks Ned. I get the following but I've only ever issued paxctl
>> referencing /usr/bin/wine-preloader. Can you tell me why the other
>> files might be listed?
>>
>> # qlist -ao | scanelf -f - -q -x
>> --mxe- /opt/emul-linux-x86-java-1.6.0.11/bin/java
> ..
>
> portage and or the toolchain handles them.
> Packages with known problems such as wine should be pax-marked
If I'm understanding correctly, emul-linux-x86-java, VirtualBox, and
sun-jdk have known problems with pax so portage pax-marks them.
Shouldn't portage pax-mark wine too instead of me doing it manually?
- Grant
> See /usr/portage/eclass/pax-utils.eclass for more details.
>
> Finding pkgs that use these functions can be done like this.
>
> qgrep -Hvv 'pax-mark'