grsecurity forums


https://forums.grsecurity.net./

Bug in Grsecuritys ACL System (Version 1)

https://forums.grsecurity.net./viewtopic.php?f=1&t=548

Page 1 of 1

Bug in Grsecuritys ACL System (Version 1)

PostPosted: Mon Sep 15, 2003 3:19 am
by siti
When having a process trying to access very very very large paths the process will lock up and will not be killable by anything even -9 and will require a reboot (I have not tried disabling the ACL system) to kill the process. This happened to me when I was emergeing coreutils when it does a test probably to see how long paths can be.

PostPosted: Mon Sep 15, 2003 8:23 am
by spender
I've been able to reproduce this on a vanilla 2.4.22 kernel (without grsec). An ls in a directory with length 4096 (in my case i created many directories, each a single character in length) causes the process to enter disk sleep and never wake up.

-Brad

PostPosted: Mon Sep 15, 2003 3:15 pm
by spender
I've just noticed the cause of the problem. In kernels < 2.4.22, d_path could never return an error. If the path it would generate was too long, it would simply truncate. The grsec and pax code aren't updated for this, and I would imagine other kernel patches aren't updated as well.

-Brad

PostPosted: Mon Sep 15, 2003 3:25 pm
by spender
Fixes for grsec and PaX have been committed to CVS.

-Brad
All times are UTC - 5 hours [ DST ]
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/