feature request, pax sig files



Postby peetaur » Tue Oct 07, 2014 3:49 pm

When I go to the pax download page to get paxctl, I am disappointed that there is no .sig file to download, and indexes on the base URL are forbidden. Would it be possible to post these?
peetaur
 
Posts: 23
Joined: Sat Oct 04, 2014 3:26 pm

Re: feature request, pax sig files

Postby peetaur » Sat Oct 18, 2014 7:56 am

By the way, I have now learned that paxctl is probably the wrong way to do it, so I would no longer want a sig file for it. I think it should be preferred to use extended attributes (setfattr command) instead.

Kernel config:
    Use legacy ELF header marking (PAX_EI_PAX) [N/y/?] (NEW)
    Use ELF program header marking (PAX_PT_PAX_FLAGS) [N/y/?] (NEW)
    Use filesystem extended attributes marking (PAX_XATTR_PAX_FLAGS) [N/y/?] (NEW) y


Setting flags (which I think I got from https://wiki.archlinux.org/index.php/PaX ):
# get the current flags
getfattr -n user.pax.flags /usr/bin/problematic_binary
# set the new flags, no conversion or backup (of the file) necessary (but you could back up the flags if there were some)
# set flags
setfattr -n user.pax.flags -v "mr" /usr/bin/problematic_binary
# remove flags
setfattr -x user.pax.flags /usr/bin/problematic_binary
peetaur
 
Posts: 23
Joined: Sat Oct 04, 2014 3:26 pm
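
Added example (not part of the posts above and not PaX project code): a small shell helper that validates a flag string before writing it and records the previous user.pax.flags value, as the comment about backing up the flags suggests. The function names, the backup file name flags.tsv, and the rule that each feature may appear only once are this example's own assumptions.

```shell
#!/bin/sh
# PaX xattr flag letters: P/E/M/R/S enable and p/e/m/r/s disable
# PAGEEXEC, EMUTRAMP, MPROTECT, RANDMMAP and SEGMEXEC respectively.

# Return 0 if $1 contains only PaX flag letters and names each
# feature at most once (helper policy: "Mm" or "rr" is rejected).
pax_flags_valid() {
    rest=$1
    seen=
    [ -n "$rest" ] || return 1
    while [ -n "$rest" ]; do
        c=${rest%"${rest#?}"}      # first character of the remainder
        rest=${rest#?}
        case $c in
            [PEMRS]) key=$(printf '%s' "$c" | tr 'PEMRS' 'pemrs') ;;
            [pemrs]) key=$c ;;
            *) return 1 ;;         # not a PaX flag letter
        esac
        case $seen in
            *"$key"*) return 1 ;;  # same feature given twice
        esac
        seen=$seen$key
    done
    return 0
}

# Usage: pax_set_flags FILE FLAGS [BACKUP_DIR]
# Appends "FILE<TAB>old flags" to BACKUP_DIR/flags.tsv, then sets FLAGS.
pax_set_flags() {
    file=$1
    new=$2
    backup_dir=${3:-./pax-flags-backup}   # hypothetical default location
    if ! pax_flags_valid "$new"; then
        echo "invalid PaX flags: $new" >&2
        return 2
    fi
    mkdir -p "$backup_dir" || return 1
    # getfattr fails when the attribute is absent; record an empty value then.
    old=$(getfattr --only-values -n user.pax.flags "$file" 2>/dev/null) || old=
    printf '%s\t%s\n' "$file" "$old" >> "$backup_dir/flags.tsv"
    setfattr -n user.pax.flags -v "$new" "$file"
}
```

To restore a file, pass the saved value from flags.tsv back to pax_set_flags, or use setfattr -x when the saved value is empty.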

