grsecurity forums

[zorgin]

Hey.. i goto say grsec is a awesome tool to make your system securer. i thank you guys for that. however i have a small problem when trying to run a program.

In the syslog i get this:

Mar 30 06:45:06 arcanos kernel: PAX: From xxx.xxx.xxx.xxx: terminating task: /root/tss2_rc2/server_linux(server_linux):6245, uid/euid: 0/0, EIP: 0804D088, ESP: 58715010
Mar 30 06:45:06 arcanos kernel: PAX: bytes at EIP: 8b 45 f4 5e 5b 8b e5 5d c2 04 00 00 55 4e 49 43 4f 44 45 4c

thing is i've been trying all kinds of combinations with the pax disables in gradm.. but i still cant get it to work. when i use the subject S it just says a seg fault and doesnt print anything in the log..

here is the acl atm.

/root/tss2_rc2/server_linux poX {
/root/tss2_rc2/server_linux rwx
/lib r
/etc r
/proc r
/usr/lib r
/ h

-CAP_ALL
}

been trying with the modes P,S,M,R but couldnt get it to work and since i have no idea what EIP is.. heh
much appretiated if you could help me.

[spender]

make poSP the subject mode. S disables the segmentation-based pax, and P disables the page-based. If both are disabled, PaX won't enforce page protections on the process, and thus it won't be killed by PaX for violating them.

-Brad

[zorgin]

Great. thanks

[PaX Team]

Mar 30 06:45:06 arcanos kernel: PAX: From xxx.xxx.xxx.xxx: terminating task: /root/tss2_rc2/server_linux(server_linux):6245, uid/euid: 0/0, EIP: 0804D088, ESP: 58715010
Mar 30 06:45:06 arcanos kernel: PAX: bytes at EIP: 8b 45 f4 5e 5b 8b e5 5d c2 04 00 00 55 4e 49 43 4f 44 45 4c

there are two problems with this teamspeak server. the kill message you mention above is the result of your having enabled RANDEXEC (X subject flag, see http://www.grsecurity.net/gracldoc.htm# ... nd_caveats for details) which is known to produce false positives (it's mentioned in the kernel config help), so it should not be enabled on it. the second problem will manifest when you disable RANDEXEC but leave one of the non-exec page features enabled (PAGEEXEC or SEGMEXEC, by default they're both enabled and the latter is active). in this case PaX will still terminate the app but for a good reason this time: it seems that Borland's Delphi places executable code into the data segment which happens to be non-executable. since your only workaround is to disable non-exec pages (as Brad said, both PAGEEXEC and SEGMEXEC) and this is a server app where it would be most needed, Borland should fix it as i bet more apps are or will be affected by this in the future.