grsecurity forums

[jongavne]

Is anybody else seeing his?

Gradm crashes when I try to enable.
Feb 21 20:10:49 unix kernel: grsec: From xxx.xxx.xxx.xxx: signal 11 sent to
/opt/linux/gradm[gradm:16707] uid/euid:0/0 gid/egid:0/0, parent
/bin/bash[bash:1942] uid/euid:0/0 gid/egid:0/0

I'm running Linux with bash.
Thank you,

-- jon

[jongavne]

Dr Neal,

There seem to be another bug in this product.
I found someone else with a similar problem.
http://grsecurity.net/pipermail/grsecur ... 00340.html

How can we trust a security product which causes segmentation fault? Segmentation fault generally means the program can be exploited and arbitrary users can gain root privileges.

[spender]

Please download the following gradm:

http://grsecurity.net/~spender/gradm-2. ... 759.tar.gz

Modify the makefile so that the line:
CFLAGS := $(OPT_FLAGS) -DGRSEC_DIR=\"$(GRSEC_DIR)\"

becomes:
CFLAGS := $(OPT_FLAGS) -DGRADM_DEBUG -ggdb -DGRSEC_DIR=\"$(GRSEC_DIR)\"

Also, change both occurrences of -O2 on the OPT_FLAGS line to -O0
(the capital letter O and the number zero)

Run ulimit -c unlimited (to allow for coredumps)
Run ./gradm directly from the source directory; do not install it.

Mail the coredump generated from the crash to spender@grsecurity.net

-Brad