2009/4/3 Alex Efros <[email protected]>
> Hi! > > On Thu, Apr 02, 2009 at 11:17:10PM +0200, [email protected] wrote: > > can you strace bash/etc to see what happens? probably we'll see what runs > > how do I can strace process N1? > PaX doesn't kill bash if it executed not as process N1. > > > against the MPROTECT restricions. my guess is either textrels or > gnu_stack > > (compare scanelf -lpqRte on your systems). > > it's same on all servers: > > # scanelf -lpqRte > TEXTREL /usr/lib/perl5/site_perl/5.8.8/i686-linux/auto/Math/Pari/Pari.so > RWX --- --- /usr/lib/paxtest/writetext > RWX --- --- /usr/lib/paxtest/shlibbss > RWX --- --- /usr/lib/paxtest/mprotanon > RWX --- --- /usr/lib/paxtest/mprotdata > RWX --- --- /usr/lib/paxtest/mprotheap > RWX --- --- /usr/lib/paxtest/rettofunc1 > RWX --- --- /usr/lib/paxtest/rettofunc2 > RWX --- --- /usr/lib/paxtest/execbss > RWX --- --- /usr/lib/paxtest/execstack > RWX --- --- /usr/lib/paxtest/mprotshbss > RWX --- --- /usr/lib/paxtest/mprotstack > RWX --- --- /usr/lib/paxtest/mprotbss > RWX --- --- /usr/lib/paxtest/anonmap > RWX --- --- /usr/lib/paxtest/mprotshdata > RWX --- --- /usr/lib/paxtest/execdata > RWX --- --- /usr/lib/paxtest/execheap > RWX --- --- /usr/lib/paxtest/rettofunc1x > RWX --- --- /usr/lib/paxtest/rettofunc2x > RWX --- --- /usr/lib/paxtest/shlibdata > RWX --- --- /usr/inferno/Linux/386/bin/emu > RWX --- --- /usr/inferno/Linux/386/bin/emu-g > > > btw, why are you using SEGMEXEC on your core2? > > Hmm. You think I should use PAGEEXEC instead? According to help in linux > kernel SEGMEXEC looks more suitable for Core2Duo and Xeon E5310... > > In help for PAGEEXEC it doesn't recommended for P4 and there is nothing > about newest processors, so I suppose PAGEEXEC may not be a good choice. > > After your question I've re-read help, and notice "i386 with hardware > non-executable bit support" item at end of list with less usual archs like > avr32, sparc, etc. If that was said about Core/Xeon too, then there > probably little usability issue with that help. ;-) > Just check if the cpu has the NX flag, if it does, you should use pageexec.
