|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Chris Rohlf (chris.rohlf
gmail.com)
Date: Sat Mar 03 2007 - 08:44:12 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Yes you would take certain pax permissions off applications that
require an executable stack (x.org, jvm come to mind).
But proper SElinux controls can still be applied to them. I was more
specifically looking for how to bypass those MAC and RBAC features of
SElinux and grsecurity without a kernel vulnerability.
Chris
On 3/2/07, endrazine <endrazinegmail.com> wrote:
> Chris Rohlf a écrit :
> > This sort of goes without saying. But what other known 'bypasses' are
> > there for grsec or SElinux that don't require a kernel vulnerability?
> > Im asking honestly, its been awhile since I've looked into this stuff.
> >
> Afaik, Pax, grsec etc do _never_ randomize Xorg.
>
>
> endrazine-
--
http://em386.blogspot.com
_______________________________________________
Dailydave mailing list
Dailydavelists.immunitysec.com
http://lists.immunitysec.com/mailman/listinfo/dailydave
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]