NetBSD-Bugs archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: kern/38982: PaX ASLR makes some programs crash
The following reply was made to PR kern/38982; it has been noted by GNATS.
From: Jean-Yves Migeon <jym%NetBSD.org@localhost>
To: gnats-bugs%NetBSD.org@localhost
Cc:
Subject: Re: kern/38982: PaX ASLR makes some programs crash
Date: Sat, 12 Dec 2009 22:06:51 +0100
I tracked down the issue a bit, and it is related to the setrlimit()
usage for the stack size. When setting the value to an insanely big size
(or infinity), all programs will end with a SIGABRT.
In the case of useradd/vipw/libutil binaries, the:
(void)setrlimit(RLIMIT_STACK, &rlim);
found inside pw_init() (in lib/libutil/passwd.c) does the trick. If you
comment out the line, or at least, set the rlimit to a smaller size,
libutil functions start working again.
From a more general PoV, using ulimit(3):
# sysctl -w security.pax.aslr.enabled=1
# ls
CVS conf fs modules netinet6 netsmb sys
Makefile crypto gdbscripts net netipsec nfs tags
altq ddb ipkdb net80211 netisdn opencrypto ufs
arch dev kern netatalk netiso rump uvm
coda dist lib netbt netkey secmodel
compat external miscfs netinet netnatm stand
# ulimit -s unlimited
# ls
Abort
# vi
Abort
... and so forth. I guess that the gmake issue is the same, as it starts
by altering the stack ressource:
[...]
17022 1 gmake CALL getrlimit(3,0xbf0b6644)
17022 1 gmake RET getrlimit 0
17022 1 gmake CALL setrlimit(3,0xbf0b6644)
17022 1 gmake RET setrlimit 0
17022 1 gmake CALL issetugid
17022 1 gmake RET issetugid 0
[...]
setrlimit(3, 0xbf0b6644) => setrlimit(RLIMIT_STACK, max) (called at the
beginning of the main of gmake). FWIW, max == 67108864 (65k). If you
invoke gmake from a simple user and not from superuser, it will work as
expected.
--
Jean-Yves Migeon
jym%NetBSD.org@localhost
Home |
Main Index |
Thread Index |
Old Index