From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([69.77.167.62] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1LMpgS-000240-W6 for garchives@archives.gentoo.org; Tue, 13 Jan 2009 20:16:21 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 72F27E05CA; Tue, 13 Jan 2009 20:16:17 +0000 (UTC) Received: from mail-bw0-f21.google.com (mail-bw0-f21.google.com [209.85.218.21]) by pigeon.gentoo.org (Postfix) with ESMTP id 2A794E05CA for ; Tue, 13 Jan 2009 20:16:17 +0000 (UTC) Received: by bwz14 with SMTP id 14so640259bwz.10 for ; Tue, 13 Jan 2009 12:16:16 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:content-type :content-transfer-encoding; bh=EYJuhY69oHQ5ulUN0fBBAhHSK67SUhEYBCzdafd0pAk=; b=K92JVERDaqd974RcXcrjCSdswlI2qnWi22UIK3RTnVmMNQK7y4Lm+BRZoD9cTeP/cW alWh9Dx8fcBjy7vJ2mkp1S+01JZ9ti3NssY5YjNtyAe8EjdtZQhF1jl4c8Oxglqu62Hz 8U3DYqis47aZ/noxj659OAPilurOZCMO9Cev0= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type:content-transfer-encoding; b=JoxYNeYnVvnRYwisqqP5qwogwAWLN+W2spsA9PF3IGd6fmziZh6s20rNsM59YFeKjQ i51k/EtGR8T+oSijaLWou0qBhDn/oAKaeuaGVY9IERrPeUy4gEk707PzcUJjaN/fu49U sTJf+gJR/uqP6CpoFalSlneCKs6diXYFHxvwg= Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-hardened@lists.gentoo.org Reply-to: gentoo-hardened@lists.gentoo.org MIME-Version: 1.0 Received: by 10.103.2.14 with SMTP id e14mr1774088mui.94.1231877776348; Tue, 13 Jan 2009 12:16:16 -0800 (PST) In-Reply-To: <1231877371.14355.33.camel@hangover> References: <49bf44f10901131100t41a192d8n1d83ba116be42ce2@mail.gmail.com> <1231877371.14355.33.camel@hangover> Date: Tue, 13 Jan 2009 21:16:16 +0100 Message-ID: <897813410901131216r3096e801w2c8fd1c1d22b8da0@mail.gmail.com> Subject: Re: [gentoo-hardened] Which hardened kernel feature disables wine? From: =?ISO-8859-1?Q?Javier_J=2E_Mart=EDnez_Cabez=F3n?= To: gentoo-hardened@lists.gentoo.org Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Archives-Salt: af74a716-bf96-4ad8-89ad-ba200fc90a03 X-Archives-Hash: 5ec802c26cf659e72a37ff98a4aaa1f1 I would remove first mprotect and segmexec and test. 2009/1/13 Ned Ludd : > On Tue, 2009-01-13 at 11:00 -0800, Grant wrote: >> I'm using the grsecurity "Gentoo (workstation)" setting in my hardened >> kernel, but trying to use wine I get this: >> >> err:heap:HEAP_GetPtr Invalid heap (nil)! >> err:heap:HEAP_GetPtr Invalid heap (nil)! >> err:module:attach_process_dlls "KERNEL32.dll" failed to initialize, aborting >> err:module:LdrInitializeThunk Main exe initialization for >> L"C:\\windows\\system32\\wineboot.exe" failed, status c0000005 >> >> If I remove grsecurity from the kernel, wine works fine. Does anyone >> know how to fix this or which grsecurity option I can disable to >> enable wine? > > > You don't want to go into the kernel and start disabling features as > that would be the wrong fix. No reason to downgrade system wide security > for one app. You want to use paxctl -flags /path/to/wine-loader > > Personally I'm lazy and would just do. > paxctl -permsx $(qlist -oe wine) > > > > -- > Ned Ludd > Gentoo Linux > > >