grsecurity forums

Skip to content

jEdit - linked to "resource limits" or "java

Discuss usability issues, general maintenance, and general support issues for a grsecurity-enabled system.
Topic locked

jEdit - linked to "resource limits" or "java

Postby Meths » Tue Dec 31, 2002 11:27 am

Hi,

I'm getting the following messages when trying to run jedit:

Dec 31 15:10:21 hyperion kernel: PAX: terminating task: /usr/local/j2sdk1.4.1_01/jre/bin/java(java):913, uid/euid: 1000/1000, EIP: 22E90344, ESP: 5CB3265C
Dec 31 15:10:21 hyperion kernel: PAX: bytes at EIP: 68 7f 02 00 00 d9 6c 24 00 58 c3 90 cc cc cc cc 00 00 00 00
Dec 31 15:10:21 hyperion kernel: grsec: attempted resource overstep by requesting 4096 for RLIMIT_CORE against limit 0 by (java:913) UID(1000) EUID(1000), parent (waimea:520) UID(1000) EUID(1000)

I tried changing the chpax options on java_vm to no avail. When I try and chpax -v java it tells me it is an unknown file type.

What is happening to cause the errors and how do I solve it? I'm running debian stable with 2.4.20 and grsecurity1.9.8rc2.

TIA

Meths
Meths
 
Posts: 5
Joined: Wed Dec 18, 2002 8:48 am
Top

Postby Meths » Tue Dec 31, 2002 11:30 am

Oh, and at the moment everything in /proc/sys/kernel/grsecurity/ set to 0 and no ACLs.
Meths
 
Posts: 5
Joined: Wed Dec 18, 2002 8:48 am
Top

Re: jEdit - linked to "resource limits" or "j

Postby PaX Team » Tue Dec 31, 2002 1:14 pm

Meths wrote:I tried changing the chpax options on java_vm to no avail. When I try and chpax -v java it tells me it is an unknown file type.

What is happening to cause the errors and how do I solve it? I'm running debian stable with 2.4.20 and grsecurity1.9.8rc2.
it's the non-executable feature killing java (it has some FPU initialization code in the .data segment. when you tried to chpax 'java', did you mean /usr/local/j2sdk1.4.1_01/jre/bin/java or something else (former should be an ELF file and chpax should be able to work on it)? the RLIMIT_CORE message is due to the fact that PaX also tries to dump core (useful if one wants to analyze the circumstances of real exploit attempts) and apparently your core file size limit is set to 0.
PaX Team
 
Posts: 2310
Joined: Mon Mar 18, 2002 4:35 pm
Top

Postby Meths » Tue Dec 31, 2002 1:37 pm

Thanks. The -p did it, but after the -s. I noticed this in another topic that when you disable seg-based page exec it reads page based page exec as enabled when it was disabled before. Is this going to be fixed?

Yeah I was talking about another java but that was my mistake, nothing to worry about.
Meths
 
Posts: 5
Joined: Wed Dec 18, 2002 8:48 am
Top

Postby PaX Team » Tue Dec 31, 2002 2:42 pm

Meths wrote:Is this going to be fixed?
fixed (will report enabled/overridden as appropriate), you can grab the new chpax from the PaX site. happy new year to everyone ;-).
PaX Team
 
Posts: 2310
Joined: Mon Mar 18, 2002 4:35 pm
Top
Topic locked

Return to grsecurity support

Powered by phpBB® Forum Software © phpBB Group