From: atoth@atoth.sote.hu
To: gentoo-hardened@lists.gentoo.org
Subject: Re: [gentoo-hardened] what RLIMIT_STACK mean?
Date: Mon, 10 Nov 2008 07:13:52 +0100 (CET) [thread overview]
Message-ID: <56fdc27a3f155c58dba9c797d9965dd7.squirrel@atoth.sote.hu> (raw)
In-Reply-To: <4916DB2B.29842.7CE88B1@pageexec.freemail.hu>
I'm using the latest hardened kernel. I've switched to 2.6.27 on Sunday.
I have /bin/rm only in one daily cron job. And this error message is not
reproducible in a repetitive manner. These error messages showed up in the
logs once per every second months. I try to find a way to trigger it, but
I'm not sure about my success.
It would be good from Alex to provide his recipe for me to try out.
Regards,
Dwokfur
--
dr Tóth Attila, Radiológus Szakorvos jelölt, 06-20-825-8057, 06-30-5962-962
Attila Toth MD, Radiologist in Training, +36-20-825-8057, +36-30-5962-962
On Vas, November 9, 2008 12:44, pageexec@freemail.hu wrote:
> On 9 Nov 2008 at 0:06, atoth@atoth.sote.hu wrote:
>
>> Some error messages like this shows up from time to time every twice
>> months:
>> "
>> grsec: (root:U:/bin/rm) denied resource overstep by requesting 115310592
>> for RLIMIT_STACK against limit 8388608 for /[rm:32461] uid/euid:0/0
>> gid/egid:0/0, parent /usr/sbin/run-crons[run-crons:32446] uid/euid:0/0
>> gid/egid:0/0
>> "
>> That might be related to the same issue.
>
> what's your kernel version? and if it's not .27.x, can you test there as
> well?
> also can you reproduce it with even more trivial things like pwd?
>
>
next prev parent reply other threads:[~2008-11-10 6:13 UTC|newest]
Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-09-27 12:42 [gentoo-hardened] what RLIMIT_STACK mean? Alex Efros
2008-09-29 15:21 ` Alex Efros
2008-09-29 15:46 ` Javier Martínez
2008-09-29 15:56 ` Alex Efros
2008-09-29 16:06 ` Javier Martínez
2008-09-29 16:10 ` Javier Martínez
2008-09-29 16:24 ` Alex Efros
2008-09-29 16:46 ` pageexec
2008-09-29 16:57 ` Alex Efros
2008-09-29 23:29 ` Adam James
2008-09-30 0:03 ` Alex Efros
2008-11-08 21:13 ` pageexec
2008-11-08 22:40 ` Alex Efros
2008-11-08 21:55 ` pageexec
2008-11-08 23:06 ` atoth
2008-11-09 11:44 ` pageexec
2008-11-10 6:13 ` atoth [this message]
2008-11-10 9:24 ` Alex Efros
2008-11-10 11:31 ` atoth
2008-11-10 12:23 ` Alex Efros
2008-11-10 13:24 ` Brian Kroth
2008-11-10 12:43 ` pageexec
2008-11-10 17:02 ` atoth
2008-11-12 0:00 ` Kerin Millar
2008-11-12 0:37 ` pageexec
2008-11-09 17:40 ` Alex Efros
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=56fdc27a3f155c58dba9c797d9965dd7.squirrel@atoth.sote.hu \
--to=atoth@atoth.sote.hu \
--cc=gentoo-hardened@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox