grsecurity forums

Hi,

I like to use ravlin8, and grsec enhanced kernel, without acl, and I runa trouble, when I start ravav, or ravlin8:

PAX: terminating task: /tmp/upxBHTOIQGAXXY (deleted)(3):24312, uid/euid: 0/0, EIP: 0805E160, ESP: 5D949090
PAX: bytes at EIP: 53 55 8b 6c 24 0c 68 90 2b 60 00 ff 55 5c 8b d8 83 c4 04 85
grsec: attempted resource overstep by requesting 4096 for RLIMIT_CORE against limit 0 by (3:24312) UID(0) EUID(0), parent (bash:29007) UID(0) EUID(0)

The task's file name is randomly changed, so I can't disable any exec restriction.

Can I solve this problem?

Thanx a lot!

fonya wrote:I like to use ravlin8, and grsec enhanced kernel, without acl, and I runa trouble, when I start ravav, or ravlin8:

PAX: terminating task: /tmp/upxBHTOIQGAXXY (deleted)(3):24312, uid/euid: 0/0, EIP: 0805E160, ESP: 5D949090
PAX: bytes at EIP: 53 55 8b 6c 24 0c 68 90 2b 60 00 ff 55 5c 8b d8 83 c4 04 85

upx compressed files won't work under PaX because of runtime code-generation. you can either use chpax (chpax -sp) or decompress the original executable (upx -d) and that should get it to work in general. however certain (all?) RAV executables perform self-checking and in that case your only option is to use the ACL system to disable PAGEEXEC/SEGMEXEC on them.

Thanks a lot! The upx was the magic word.
And the rav doesn't use the self-check feature