hello i activated nearly everything for grsecurity in my kernel config.
after reboot with new kernel (in the init scripts gradm -E was called)
i couldnt enter admin mode. always a segmentation fault.
my logs:
Sep 14 21:19:30 merkur grsec: more mmap exec attempts, logging disabled for 30 seconds
Sep 14 21:53:55 merkur Sequencer SCB Info: 0(c 0x60, s 0x7, l 0, t 0xff) 1(c 0x64, s 0x7, l 0, t 0x7) 2(c 0x64, s 0x7, l 0, t 0x3) 3(c 0x64, s 0x7, l 0, t 0x1) 4(c 0x64, s 0x7, l 0, t 0x2) 5(c 0x60, s 0x7, l 0, t 0xff) 6(c 0x60, s 0x7, l 0, t 0xff) 7(c 0x64, s 0x7, l 0, t 0x0) 8(c 0x64, s 0x7, l 0, t 0xc) 9(c 0x60, s 0x7, l 0, t 0xff) 10(c 0x0, s 0xff, l 255, t 0xff) 11(c 0x0, s 0xff, l 255, t 0xff) 12(c 0x0, s 0xff,<1>grsec: attempt to mmap [08:02:22517] gradm executable by (gradm:1175) UID(0) EUID(0), parent (bash:15547) UID(0) EUID(0)
Sep 14 21:54:39 merkur grsec: more mmap exec attempts, logging disabled for 30 seconds
im using debian 3.0 woody/stable and gradm from sid/unstable if this is important
gradm: segmentation fault
6 posts
• Page 1 of 1
gradm: segmentation fault
by msi » Sat Sep 14, 2002 4:25 pm
- msi
- Posts: 29
- Joined: Fri Sep 13, 2002 2:37 pm
by msi » Sat Sep 14, 2002 8:29 pm
Sep 15 02:26:39 merkur grsec: attempt to mmap [08:02:22517] gradm executable by (gradm:2837) UID(0) EUID(0), parent (bash:892) UID(0) EUID(0)
how can i permit gradm to use mmap? I think the acl deny the access because before i load them i can use gradm.
how can i permit gradm to use mmap? I think the acl deny the access because before i load them i can use gradm.
- msi
- Posts: 29
- Joined: Fri Sep 13, 2002 2:37 pm
by msi » Sun Sep 15, 2002 12:35 pm
im using linux-2.4.19 patched with the newest stable grsecurity patch (1.9.6)
gradm -v:
1.4.
i recognized that the problem only occur when following acl rules are set:
/ {
[....]
/etc/ppp/pap-secrets h
[....]
}
[....]
/usr/sbin/pppd {
/etc/ppp/pap-secrets ro
}
/usr/sbin/pppoe {
/etc/ppp/pap-secrets ro
}
if i lock dsl-provider too,
i cann't execute programs in /sbin
or all programms any more.
gradm -v:
1.4.
i recognized that the problem only occur when following acl rules are set:
/ {
[....]
/etc/ppp/pap-secrets h
[....]
}
[....]
/usr/sbin/pppd {
/etc/ppp/pap-secrets ro
}
/usr/sbin/pppoe {
/etc/ppp/pap-secrets ro
}
if i lock dsl-provider too,
i cann't execute programs in /sbin
or all programms any more.
- msi
- Posts: 29
- Joined: Fri Sep 13, 2002 2:37 pm
6 posts
• Page 1 of 1