hello,
I have a Debian 3.1 (sarge) server with tomcat (5.5.x) and (java 1.5.0_04) and some other services.
I applyed the grsecurity patch to my 2.4.31 kernel and run the chpax -emrspx on java and javac executables in $JAVA_HOME/bin and $JAVA_HOME/jre/bin direcories.
The problem of the randomly and continuosly messages:
--------8<------------8<-------------------8<----------
Aug 31 11:29:05 localhost kernel: grsec: From xx.xx.xx.xx: signal 11 sent to /webjail/.../java[java:21790] uid/euid:33/33 gid/egid:33/33, parent /webjail/..//java[java:11314] uid/euid:33/33 gid/egid:33/33
--------8<------------8<-------------------8<----------
Still remain until I disabled the "-server" flag command line of the java executable..
At the end I have deduced that the implementation of the Java Hot-Spot optimizations conflicts with the secutity rules of grsecurity.
So, I will look forward for some other flag to add to chpax that prevents this behavour..
Bye