From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org)
	by finch.gentoo.org with esmtp (Exim 4.60)
	(envelope-from <gentoo-hardened+bounces-3015-garchives=archives.gentoo.org@lists.gentoo.org>)
	id 1ObxIX-0002YL-Gh
	for garchives@archives.gentoo.org; Thu, 22 Jul 2010 15:02:57 +0000
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id DE800E0A81
	for <garchives@archives.gentoo.org>; Thu, 22 Jul 2010 15:02:56 +0000 (UTC)
Received: from mail-pz0-f53.google.com (mail-pz0-f53.google.com [209.85.210.53])
	by pigeon.gentoo.org (Postfix) with ESMTP id 6B7B5E0A81
	for <gentoo-hardened@lists.gentoo.org>; Thu, 22 Jul 2010 14:08:40 +0000 (UTC)
Received: by pzk9 with SMTP id 9so3971459pzk.40
        for <gentoo-hardened@lists.gentoo.org>; Thu, 22 Jul 2010 07:08:40 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=gamma;
        h=domainkey-signature:mime-version:received:received:in-reply-to
         :references:date:message-id:subject:from:to:content-type
         :content-transfer-encoding;
        bh=QxClnT5I1k72uB/7lPkirloQPbgIiidZKhn4oxZ1Iww=;
        b=vteb+5FmTBV5wGFVd+LREf+EwTnDtZ23eQXb08KMd3jdN6G7WZTN1jcEVDVZYvKL31
         /JY2beoSvYE7UWnPfPwEKiYgqM5SX5uTp3Cwxvw8sCYR8PviVy/1/0jvByXSLdXxazzK
         OVNhglU8lRrqPMUnm1+lexyxayXkZyPciRRnI=
DomainKey-Signature: a=rsa-sha1; c=nofws;
        d=gmail.com; s=gamma;
        h=mime-version:in-reply-to:references:date:message-id:subject:from:to
         :content-type:content-transfer-encoding;
        b=Xdd23CScEJ5PmlN1iAH1w3a4a99UVziPpoWlG5OPcUhkdaR36UOtYI+AKBCevwDNeB
         R2mknm/BL3b6BORJKONluiPoIFB6R2FrbM8f6HjyOlqY9PgLpp9Nk8GBxvEuozTA0wcG
         KkLnCFnTB3eTRBL+ljC2+To6buMyFO47oxaqc=
Precedence: bulk
List-Post: <mailto:gentoo-hardened@lists.gentoo.org>
List-Help: <mailto:gentoo-hardened+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-hardened+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-hardened+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-hardened.gentoo.org>
X-BeenThere: gentoo-hardened@lists.gentoo.org
Reply-to: gentoo-hardened@lists.gentoo.org
MIME-Version: 1.0
Received: by 10.114.77.10 with SMTP id z10mr3097971waa.168.1279807710377; Thu, 
	22 Jul 2010 07:08:30 -0700 (PDT)
Received: by 10.231.139.229 with HTTP; Thu, 22 Jul 2010 07:08:30 -0700 (PDT)
In-Reply-To: <135383e85ff4aae9a95200f2b7e53354.squirrel@atoth.sote.hu>
References: <135383e85ff4aae9a95200f2b7e53354.squirrel@atoth.sote.hu>
Date: Thu, 22 Jul 2010 07:08:30 -0700
Message-ID: <AANLkTimUokS1z1_3jExwIlIIiHztWhLpDivDZOjLQCbm@mail.gmail.com>
Subject: Re: [gentoo-hardened] FYI: Clamav bytecode feature isn't compatible 
	with PaX
From: Kyle Bader <kyle.bader@gmail.com>
To: gentoo-hardened@lists.gentoo.org
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
X-Archives-Salt: 5a725787-3f9a-44bc-ad56-1661b0c8c4f9
X-Archives-Hash: c928a7c925821c0365b9ab92e30899e5

> https://wwws.clamav.net/bugzilla/show_bug.cgi?id=3D2092
> http://bugs.gentoo.org/show_bug.cgi?id=3D326199
>
> https://wwws.clamav.net/bugzilla/show_bug.cgi?id=3D2092#c39
> It raises two questions:
> 1. What is the neat way of detecting PaX running on a system?

http://tk-blog.blogspot.com/2009/02/checksec.html

> 2. Edwin T=C3=B6r=C3=B6k says PaX allows RWX mapping and kills the progra=
m after that.

http://pax.grsecurity.net/docs/pageexec.txt

--=20

Kyle