uvscan resource overstep
Posted: Tue Jan 14, 2003 12:34 pm
Hi!
I have just started using grsecurity. I have a server configured to run a mail scanner that also uses mcafee virus scan (uvscan) to check for virii. Now, I have not yet started configuring anything related to ACLs at all (I had some tries and it broke a lot of stuff at first, so I currently disabled it). Most of grsecurity's stuff is compiled in, but I have activated sysctl support and nothing is on at the moment. I'm using the patch for 2.4.20.
The problem is that every now and then (yes, it's working most of the time), the uvscan process generates log lines like this:
kernel: grsec: From 127.0.0.1: attempted resource overstep by requesting 9412608 for RLIMIT_AS against limit 8388608 by (uvscan:15814) UID(64014) EUID(64014), parent (perl5.6.1:15808) UID(64014) EUID(64014)
It's certainly me, but I can't figure out where these messages come from. Why is there any AS limit enforced when ACLs are disabled? I have seen messages from PAX on other systems for XFree86 and they looked different, so that's not it either, is it? What can I do? Is there a way to enlarge the AS limit for uvscan without configuring the complete ACL system (for now)? Or isn't this related to ACLs at all?
Thanks for any hints!!
Oliver
I have just started using grsecurity. I have a server configured to run a mail scanner that also uses mcafee virus scan (uvscan) to check for virii. Now, I have not yet started configuring anything related to ACLs at all (I had some tries and it broke a lot of stuff at first, so I currently disabled it). Most of grsecurity's stuff is compiled in, but I have activated sysctl support and nothing is on at the moment. I'm using the patch for 2.4.20.
The problem is that every now and then (yes, it's working most of the time), the uvscan process generates log lines like this:
kernel: grsec: From 127.0.0.1: attempted resource overstep by requesting 9412608 for RLIMIT_AS against limit 8388608 by (uvscan:15814) UID(64014) EUID(64014), parent (perl5.6.1:15808) UID(64014) EUID(64014)
It's certainly me, but I can't figure out where these messages come from. Why is there any AS limit enforced when ACLs are disabled? I have seen messages from PAX on other systems for XFree86 and they looked different, so that's not it either, is it? What can I do? Is there a way to enlarge the AS limit for uvscan without configuring the complete ACL system (for now)? Or isn't this related to ACLs at all?
Thanks for any hints!!
Oliver