grsecurity forums

[pickle]

I apologize if this has been addressed already, but I'm very new to the world of kernels.

Since grsecurity was installed, this has been appearing in kern.log and /var/log/messages:

Jul 23 15:30:01 myserv kernel: grsec: denied resource overstep by requesting 93085410021376 for RLIMIT_STACK against limit 8388608 for /[grep:15065]
uid/euid:0/0 gid/egid:0/0, parent /usr/local/bfd/bfd[bfd:15061] uid/euid:0/0 gid/egid:0/0

Jul 23 15:30:01 myserv kernel: grsec: denied resource overstep by requesting 92781936435200 for RLIMIT_STACK against limit 8388608 for /[grep:14939]
uid/euid:0/0 gid/egid:0/0, parent /usr/local/sim/sim[sim:14937] uid/euid:0/0 gid/egid:0/0

Jul 23 01:16:02 myserv kernel: grsec: time set by /usr/bin/rdate[rdate:8976] uid/euid:0/0
gid/egid:0/0, parent /scripts/upcp[upcp:8958] uid/euid:0/0 gid/egid:0/0


These are integral services, no? Why are they being limited?
...are these errors similar to segfaults?

[PaX Team]

Jul 23 15:30:01 myserv kernel: grsec: denied resource overstep by requesting 93085410021376 for RLIMIT_STACK against limit 8388608 for /[grep:15065]
uid/euid:0/0 gid/egid:0/0, parent /usr/local/bfd/bfd[bfd:15061] uid/euid:0/0 gid/egid:0/0

Jul 23 15:30:01 myserv kernel: grsec: denied resource overstep by requesting 92781936435200 for RLIMIT_STACK against limit 8388608 for /[grep:14939]
uid/euid:0/0 gid/egid:0/0, parent /usr/local/sim/sim[sim:14937] uid/euid:0/0 gid/egid:0/0

These are integral services, no? Why are they being limited?
...are these errors similar to segfaults?

these are rlimit violations that the kernel would have denied anyway, grsec is just reporting the fact. given the unreasonably big stack size requests, it's probably some bug triggering in those apps, only debugging can tell what's going on.