Quantcast
Channel: grsecurity forums
Browsing latest articles
Browse All 15 View Live

grsecurity support • [Kernel GRSecurity] Error on boot

which kernel/grsec is this? also the full log (including the backtrace) would be useful.Statistics: Posted by PaX Team — Thu Feb 23, 2017 5:58 pm — Replies 2 — Views 21687

View Article


RBAC policy development • RBAC on overlayfs filesystem

I'm struggling with RBAC on a filesystem with an overlayfs root. When I enable full learning it creates the logs but i can't disable it via "sudo gradm2 -D". It just says the password is incorrect,...

View Article


RBAC policy development • RBAC full learning and debian unattended upgrades

The manual says to avoid any administrative tasks while RBAC full system learning is turned on.Does anybody know if this applies to automatic upgrading of installed software via debian's...

View Article

grsecurity support • PAX: kile doesn't start, denied RWX mmap

Hello,I'm using Arch Linux x86_64, with kile 2.1.3-7linux-grsec 1:4.9.13.r201702270729-1paxd 32-1kile doesn't start neither calling /usr/bin/kile nor opening a file. In the journal it says:Code:...

View Article

RBAC policy development • ssh got denied access to user's ~/.ssh

title: ssh got denied access to user's ~/.ssh---Code: $ sftp rovisnet@rovis.orgCould not create directory '/home/miro/.ssh'.The authenticity of host 'rovis.org (178.218.165.68)' can't be...

View Article


grsecurity support • Kaby Lake vs Sandy Bridge

Hello,I noticed that there is high CPU usage in kernel in many cases on Sandy Bridge CPU.For example reading small file cached in memory takes at least 0.1 ms kernel CPU time. I haven't tested with...

View Article

RBAC policy development • Qemu RBAC policies (& libvirt & tcpdump...)

Initially I planned this first post (and I didn't know how many posts I would need to prepare), for topic:RBAC policy for tcpdumpviewtopic.php?f=5&t=4301because I figured out important little...

View Article

grsecurity support • pax overflow in android binder

Kernel version: 4.9.22.r201704120836-1-grsecCode: [  874.806063] PAX: size overflow detected in function binder_mmap drivers/android/binder.c:2911 cicus.568_197 min, count: 24, decl:...

View Article


grsecurity support • configure grsecurity post-compile

I have a vps which apparently has grsecurity compiled on it, but it doesn't look like it was ever configured:Code: [~]# sysctl -a | grep grskernel.grsecurity.audit_ptrace =...

View Article


grsecurity support • GRE TUNNEL

I dug myself a gre tunnel between two grsec-linux kernels. The gre packets are reaching both machines, but they can't ping or do anything else via the tunnel. Same setup works fine on two non grsec...

View Article

grsecurity support • RAP function is not visible in kernel config...

Hello guys,Im wondering why can't i set a RAP functions after kernel patched with grsec.[root@proton linux]# grep -i gcc_plugins .configCONFIG_HAVE_GCC_PLUGINS=y# CONFIG_GCC_PLUGINS is not...

View Article

grsecurity support • Passing the baton

Hey, I'm not sure i entirely get what the statement on 'passing the baton' means. I understand GrSec is an exceptional product but where is this leading ? Can an institute using the name Open Source...

View Article

grsecurity support • Paid access to test patches

Dear spender, Pax Team,I would like to ask, if you also consider private customers, who would be willing to pay for access to the test patch for their own usage only!?Do you consider all requests...

View Article


grsecurity support • Tab (no exec) triggers script on Bash on grsec admin

title: Tab (no exec) triggers script on Bash on grsec admin(posting in a rush, the title may change yet)---This is also good for newbies, to see the great beneficial reporting that theexec_logging...

View Article

grsecurity support • Paxtest ASLR and randomization problem.

I use paxtest-0.9.15 to Linux 4.1.6 with grsec,it shows "Main executable randomization (ET_EXEC) : No randomization",and almost all of the "randomization test" can be guessed,but I've enabled the ASLR...

View Article

Browsing latest articles
Browse All 15 View Live