grsecurity forums

[eRAZOR]

I'm running Debian Sarge with a "2.4.28-grsec #2 SMP Mon Dec 27 20:10:58 CET 2004 i686 GNU/Linux" Kernel. Everything is working great but Java gives me a lot of headache in the form of kern.log spam:

Code: Select all

Dec 29 19:37:08 localhost kernel: grsec: signal 11 sent to /usr/local/jre1.5.0/bin/java[java:23124] uid/euid:1000/1000 gid/egid:1000/1000, parent /usr/local/jre1.5.0/bin/java[java:5833] uid/euid:1000/1000 gid/egid:1000/1000
Dec 29 19:37:08 localhost last message repeated 3 times
Dec 29 19:37:08 localhost kernel: grsec: more alerts, logging disabled for 10 seconds


Please note this is after running chpax -Erspmv /usr/local/jre1.5.0/bin/java resulting in:

Code: Select all

----[ chpax 0.7 : Current flags for /usr/local/jre1.5.0/bin/java (pEmrxs) ]----

 * Paging based PAGE_EXEC       : disabled
 * Trampolines                  : emulated
 * mprotect()                   : not restricted
 * mmap() base                  : not randomized
 * ET_EXEC base                 : not randomized
 * Segmentation based PAGE_EXEC : disabled


I've also set the same flags for /usr/local/jre1.5.0/bin/* to no avail. Any suggestions?