On Jan 22, 2014, at 10:51 AM, Kevin Olbrich <[email protected]> wrote:
> > Okay but this missmatch does not automatically mean it is not working. > Can you check if the features are present? Maybe the patch is still > compatible with a newer kernel? > Hi Kevin, I installed the i386 architecture and installed the `paxtest' suite. My results were fairly disappointing, to be honest: > $ sudo paxtest blackhat > PaXtest - Copyright(c) 2003,2004 by Peter Busser <[email protected]> > Released under the GNU Public Licence version 2 or later > > Writing output to /root/paxtest.log > It may take a while for the tests to complete > Test results: > PaXtest - Copyright(c) 2003,2004 by Peter Busser <[email protected]> > Released under the GNU Public Licence version 2 or later > > Mode: Blackhat > Linux pinguino 3.2.0-4-amd64 #1 SMP Debian 3.2.51-1 x86_64 GNU/Linux > > Executable anonymous mapping : Killed > Executable bss : Killed > Executable data : Killed > Executable heap : Killed > Executable stack : Killed > Executable shared library bss : Killed > Executable shared library data : Killed > Executable anonymous mapping (mprotect) : Vulnerable > Executable bss (mprotect) : Vulnerable > Executable data (mprotect) : Vulnerable > Executable heap (mprotect) : Vulnerable > Executable stack (mprotect) : Vulnerable > Executable shared library bss (mprotect) : Vulnerable > Executable shared library data (mprotect): Vulnerable > Writable text segments : Vulnerable > Anonymous mapping randomisation test : 9 bits (guessed) > Heap randomisation test (ET_EXEC) : 13 bits (guessed) > Heap randomisation test (PIE) : 16 bits (guessed) > Main executable randomisation (ET_EXEC) : No randomisation > Main executable randomisation (PIE) : 8 bits (guessed) > Shared library randomisation test : 10 bits (guessed) > Stack randomisation test (SEGMEXEC) : 19 bits (guessed) > Stack randomisation test (PAGEEXEC) : 19 bits (guessed) > Return to function (strcpy) : Vulnerable > Return to function (memcpy) : Vulnerable > Return to function (strcpy, PIE) : Vulnerable > Return to function (memcpy, PIE) : Vulnerable and in "kiddie" mode, pretty much the same: > $ paxtest kiddie > PaXtest - Copyright(c) 2003,2004 by Peter Busser <[email protected]> > Released under the GNU Public Licence version 2 or later > > Writing output to /home/andrew/paxtest.log > It may take a while for the tests to complete > Test results: > PaXtest - Copyright(c) 2003,2004 by Peter Busser <[email protected]> > Released under the GNU Public Licence version 2 or later > > Mode: Kiddie > Linux pinguino 3.2.0-4-amd64 #1 SMP Debian 3.2.51-1 x86_64 GNU/Linux > > Executable anonymous mapping : Killed > Executable bss : Killed > Executable data : Killed > Executable heap : Killed > Executable stack : Killed > Executable shared library bss : Killed > Executable shared library data : Killed > Executable anonymous mapping (mprotect) : Vulnerable > Executable bss (mprotect) : Vulnerable > Executable data (mprotect) : Vulnerable > Executable heap (mprotect) : Vulnerable > Executable stack (mprotect) : Vulnerable > Executable shared library bss (mprotect) : Vulnerable > Executable shared library data (mprotect): Vulnerable > Writable text segments : Vulnerable > Anonymous mapping randomisation test : 9 bits (guessed) > Heap randomisation test (ET_EXEC) : 13 bits (guessed) > Heap randomisation test (PIE) : 16 bits (guessed) > Main executable randomisation (ET_EXEC) : No randomisation > Main executable randomisation (PIE) : 8 bits (guessed) > Shared library randomisation test : 10 bits (guessed) > Stack randomisation test (SEGMEXEC) : 19 bits (guessed) > Stack randomisation test (PAGEEXEC) : 19 bits (guessed) > Return to function (strcpy) : Vulnerable > Return to function (memcpy) : Vulnerable > Return to function (strcpy, PIE) : Vulnerable > Return to function (memcpy, PIE) : Vulnerable > Looking online for "paxtest," I found the following debian-security discussion mirroring this, from 2011: <https://lists.debian.org/debian-security/2011/09/msg00012.html> A followup there links to the following bug, "linux-2.6: [RFC] Add a grsec featureset to Debian kernels": <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=605090> Perhaps patching a vanilla kernel would yield better results for me. Cheers, Andrew -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
