Page 1 of 1

python binaries seems to try RWX mapping lately

PostPosted: Wed Jul 27, 2016 6:13 am
by Dwokfur
I'm currently running hardened-sources-4.6.4-r2, based on grsecurity-3.1-4.6.4-201607192040 patch.
Other notable packages on the system: gcc-5.4.0, glibc-2.23-r2, binutils-2.26.1

1. symptom:
- python-3.5.2 fails to install unless disabling mprotect on the binary in the sandbox image
- see related bug: https://bugs.gentoo.org/show_bug.cgi?id=589828
2. symptom:
- mixxx requires disabling mprotect on python2.7, unless it fails to compile
3. symptom:
- mpv also requires disabling mprotect

I guess there would be more, if I would try to upgrade all packages of the system without disabling mprotect.

Binutils upgraded recetly, I booted the current kernel last week. Glibc and gcc upgrade happened many weeks before.
For python 3.5 it may be a misbehaving module. I'm not sure about python3.4 as well...

Thanks: Dw.