On Hét, November 10, 2008 13:43, [EMAIL PROTECTED] wrote:
> On 10 Nov 2008 at 7:24, Brian Kroth wrote:
>
>> [EMAIL PROTECTED] <[EMAIL PROTECTED]> 2008-11-10 12:31:
>> > I usually have some of these while I'm listening to music:
>> > grsec: (atoth:U:/usr/bin/audacious) denied resource overstep by
>> requesting
>> > 135168 for RLIMIT_MEMLOCK against limit 32768 for
>> > /usr/bin/audacious[audacious:24077] uid/euid:1000/1000
>> gid/egid:100/100,
>> > parent /sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
>> > and usual report about signal 11s for eg. with java while browsing. Of
>> > course that RLMIT_MEMLOCK value requested is not so insane like that
>> for
>> > perl & pwd.
>>
>> Same here:
>>
>> grsec: denied resource overstep by requesting 69632 for RLIMIT_MEMLOCK
>> against limit 32768 for /usr/bin/aplay[aplay:16674] uid/euid:1000/1000
>> gid/egid:1000/1000, parent /sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
>
> the memlock limit overstep is harmless, it won't cause any application
> per se and you can get rid of it by granting the user in question a higher
> limit for mlockable pages (the 32k is the linux default since 2.6.9 or
> so).

That's why I ignored these.

>
>> And for the perl forloop:
>>
>> grsec: denied resource overstep by requesting 4511036391424 for
>> RLIMIT_STACK against limit 8388608 for /bin/pwd[pwd:18765]
>> uid/euid:1000/1000 gid/egid:1000/1000, parent /bin/bash[bash:18636]
>> uid/euid:1000/1000 gid/egid:1000/1000
>
> now this one definitely looks fishy and spender's looking into it already.
>
>

If the representation of the resource's amount requested is correct, than
there must be something odd with the userland. I tend to suspect the
latter.

Regards,
Dw.


Reply via email to