Yes you would take certain pax permissions off applications that
require an executable stack (x.org, jvm come to mind).
But proper SElinux controls can still be applied to them. I was more
specifically looking for how to bypass those MAC and RBAC features of
SElinux and grsecurity without a kernel vulnerability.
Chris
On 3/2/07, endrazine <endrazine_at_gmail.com> wrote:
> Chris Rohlf a écrit :
> > This sort of goes without saying. But what other known 'bypasses' are
> > there for grsec or SElinux that don't require a kernel vulnerability?
> > Im asking honestly, its been awhile since I've looked into this stuff.
> >
> Afaik, Pax, grsec etc do _never_ randomize Xorg.
>
>
> endrazine-
--
http://em386.blogspot.com
_______________________________________________
Dailydave mailing list
Dailydave_at_lists.immunitysec.com
http://lists.immunitysec.com/mailman/listinfo/dailydave
Received on Mar 03 2007
Intro
