grsecurity forums

[pawcio]

Hello,
when I'm trying to startup tomcat ver 4.1 PAX terminating that pid and says:
PAX: From 217.153.91.62: execution attempt in: /usr/local/java/jre/lib/i386/client/libjvm.so, 27e09000-27e24000 003f6000
PAX: From 217.153.91.62: terminating task: /usr/local/java/bin/java(java):23334, uid/euid: 0/0, PC: 27e12ea4, SP: 58f29aa4
PAX: bytes at PC: 68 7f 02 00 00 d9 6c 24 00 58 c3 90 cc cc cc cc 00 80 01 00
grsec: From 217.153.91.62: attempted resource overstep by requesting 4096 for RLIMIT_CORE against limit 0 by (java:23334) UID(0) EUID(0), parent (init:1) UID(0) EUID(0)

my config of gr-sec:
# CONFIG_NET_IPGRE is not set
# CONFIG_DGRS is not set
# CONFIG_INPUT_GRIP is not set
# CONFIG_INPUT_TURBOGRAFX is not set
CONFIG_GRKERNSEC=y
# CONFIG_GRKERNSEC_LOW is not set
# CONFIG_GRKERNSEC_MID is not set
# CONFIG_GRKERNSEC_HI is not set
CONFIG_GRKERNSEC_CUSTOM=y
CONFIG_GRKERNSEC_PAX_NOEXEC=y
CONFIG_GRKERNSEC_PAX_PAGEEXEC=y
CONFIG_GRKERNSEC_PAX_SEGMEXEC=y
# CONFIG_GRKERNSEC_PAX_EMUTRAMP is not set
CONFIG_GRKERNSEC_PAX_MPROTECT=y
# CONFIG_GRKERNSEC_PAX_NOELFRELOCS is not set
CONFIG_GRKERNSEC_PAX_ASLR=y
CONFIG_GRKERNSEC_PAX_RANDKSTACK=y
CONFIG_GRKERNSEC_PAX_RANDUSTACK=y
CONFIG_GRKERNSEC_PAX_RANDMMAP=y
CONFIG_GRKERNSEC_PAX_RANDEXEC=y
CONFIG_GRKERNSEC_KMEM=y
# CONFIG_GRKERNSEC_IO is not set
CONFIG_GRKERNSEC_PROC_MEMMAP=y
CONFIG_GRKERNSEC_HIDESYM=y
# CONFIG_GRKERNSEC_ACL_HIDEKERN is not set
CONFIG_GRKERNSEC_ACL_MAXTRIES=3
CONFIG_GRKERNSEC_ACL_TIMEOUT=30
CONFIG_GRKERNSEC_PROC=y
CONFIG_GRKERNSEC_PROC_USER=y
CONFIG_GRKERNSEC_PROC_ADD=y
CONFIG_GRKERNSEC_LINK=y
CONFIG_GRKERNSEC_FIFO=y
CONFIG_GRKERNSEC_CHROOT=y
CONFIG_GRKERNSEC_CHROOT_MOUNT=y
# CONFIG_GRKERNSEC_CHROOT_DOUBLE is not set
CONFIG_GRKERNSEC_CHROOT_PIVOT=y
CONFIG_GRKERNSEC_CHROOT_CHDIR=y
CONFIG_GRKERNSEC_CHROOT_CHMOD=y
CONFIG_GRKERNSEC_CHROOT_FCHDIR=y
CONFIG_GRKERNSEC_CHROOT_MKNOD=y
CONFIG_GRKERNSEC_CHROOT_SHMAT=y
# CONFIG_GRKERNSEC_CHROOT_UNIX is not set
CONFIG_GRKERNSEC_CHROOT_FINDTASK=y
CONFIG_GRKERNSEC_CHROOT_NICE=y
CONFIG_GRKERNSEC_CHROOT_SYSCTL=y
CONFIG_GRKERNSEC_CHROOT_CAPS=y
# CONFIG_GRKERNSEC_AUDIT_GROUP is not set
# CONFIG_GRKERNSEC_EXECLOG is not set
CONFIG_GRKERNSEC_RESLOG=y
# CONFIG_GRKERNSEC_CHROOT_EXECLOG is not set
# CONFIG_GRKERNSEC_AUDIT_CHDIR is not set
CONFIG_GRKERNSEC_AUDIT_MOUNT=y
# CONFIG_GRKERNSEC_AUDIT_IPC is not set
CONFIG_GRKERNSEC_SIGNAL=y
CONFIG_GRKERNSEC_FORKFAIL=y
CONFIG_GRKERNSEC_TIME=y
CONFIG_GRKERNSEC_EXECVE=y
CONFIG_GRKERNSEC_DMESG=y
CONFIG_GRKERNSEC_RANDPID=y
# CONFIG_GRKERNSEC_TPE is not set
CONFIG_GRKERNSEC_RANDNET=y
CONFIG_GRKERNSEC_RANDISN=y
CONFIG_GRKERNSEC_RANDID=y
CONFIG_GRKERNSEC_RANDSRC=y
CONFIG_GRKERNSEC_RANDRPC=y
# CONFIG_GRKERNSEC_SOCKET is not set
# CONFIG_GRKERNSEC_SYSCTL is not set
CONFIG_GRKERNSEC_FLOODTIME=10
CONFIG_GRKERNSEC_FLOODBURST=4

Thanks for any help.

With regard,
Paul.

[PaX Team]

Hello,
when I'm trying to startup tomcat ver 4.1 PAX terminating that pid and says:
PAX: From 217.153.91.62: execution attempt in: /usr/local/java/jre/lib/i386/client/libjvm.so, 27e09000-27e24000 003f6000
PAX: From 217.153.91.62: terminating task: /usr/local/java/bin/java(java):23334, uid/euid: 0/0, PC: 27e12ea4, SP: 58f29aa4
PAX: bytes at PC: 68 7f 02 00 00 d9 6c 24 00 58 c3 90 cc cc cc cc 00 80 01 00
grsec: From 217.153.91.62: attempted resource overstep by requesting 4096 for RLIMIT_CORE against limit 0 by (java:23334) UID(0) EUID(0), parent (init:1) UID(0) EUID(0)

chpax -sp /usr/local/java/bin/java (maybe better to be proactive and do it on the rest in that directory too ;-).