Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
Paxtest: No Main executable randomization
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
tomas_m
n00b
n00b


Joined: 24 Oct 2016
Posts: 9

PostPosted: Thu Jan 19, 2017 3:20 am    Post subject: Paxtest: No Main executable randomization Reply with quote

Hi,
I'm using the the grsecurity-patched kernel.
My current kernel:
Code:
4.8.17-hardened-r2

My profile
Code:
 [14]  hardened/linux/amd64 *


When I run paxtest, this is the result:

Code:
Test results:
/usr/bin/paxtest: line 69: /usr/lib64/paxtest/x86_64-pc-linux-gnu-gcc: No such file or directory

Executable anonymous mapping             : Killed
Executable bss                           : Killed
Executable data                          : Killed
Executable heap                          : Killed
Executable stack                         : Killed
Executable shared library bss            : Killed
Executable shared library data           : Killed
Executable anonymous mapping (mprotect)  : Killed
Executable bss (mprotect)                : Killed
Executable data (mprotect)               : Killed
Executable heap (mprotect)               : Killed
Executable stack (mprotect)              : Killed
Executable shared library bss (mprotect) : Killed
Executable shared library data (mprotect): Killed
Writable text segments                   : Killed
Anonymous mapping randomization test     : 28 quality bits (guessed)
Heap randomization test (ET_EXEC)        : 22 quality bits (guessed)
Heap randomization test (PIE)            : 35 quality bits (guessed)
Main executable randomization (ET_EXEC)  : No randomization
Main executable randomization (PIE)      : 27 quality bits (guessed)
Shared library randomization test        : 28 quality bits (guessed)
VDSO randomization test                  : 28 quality bits (guessed)
Stack randomization test (SEGMEXEC)      : 35 quality bits (guessed)
Stack randomization test (PAGEEXEC)      : 35 quality bits (guessed)
Arg/env randomization test (SEGMEXEC)    : 39 quality bits (guessed)
Arg/env randomization test (PAGEEXEC)    : 39 quality bits (guessed)
Offset to library randomisation (ET_EXEC): 28 quality bits (guessed)
Offset to library randomisation (ET_DYN) : 27 quality bits (guessed)
Randomization under memory exhaustion @~0: 28 bits (guessed)
Randomization under memory exhaustion @0 : 28 bits (guessed)
Return to function (strcpy)              : paxtest: return address contains a NULL byte.
Return to function (memcpy)              : Vulnerable
Return to function (strcpy, PIE)         : paxtest: return address contains a NULL byte.
Return to function (memcpy, PIE)         : Vulnerable


From what I understand, Return to function (memcpy): Vulnerable is expected.
But what about
Code:
Main executable randomization (ET_EXEC)  : No randomization

I could swear I had randomization on previous installs.
Back to top
View user's profile Send private message
spidark
Tux's lil' helper
Tux's lil' helper


Joined: 01 Sep 2011
Posts: 142

PostPosted: Fri Jan 27, 2017 8:09 pm    Post subject: Reply with quote

Hi tomas_m
Could it be possible that your missing a file
Code:
Test results:
/usr/bin/paxtest: line 69: /usr/lib64/paxtest/x86_64-pc-linux-gnu-gcc: No such file or directory


Code:
/usr/lib64/paxtest/randmain1
Main executable randomization (ET_EXEC)  : 27 quality bits (guessed)


Code:
for i in x86_64-pc-linux-gnu-gcc anonmap execbss execdata execheap execstack shlibbss shlibdata mprotanon mprotbss mprotdata mprotheap mprotstack mprotshbss mprotshdata writetext randamap randheap1 randheap2 randmain1 randmain2 randshlib randvdso randstack1 randstack2 randarg1 randarg2 randshlibdelta1 randshlibdelta2 randexhaust1 randexhaust2 rettofunc1 rettofunc2 rettofunc1x rettofunc2x
do
        /usr/lib64/paxtest/$i || echo
done 2>&1 | tee -a $LOG


Code:
/usr/lib64/paxtest/randmain1
Main executable randomization (ET_EXEC)  : 27 quality bits (guessed)

_________________
Laptop HP Pavilion G6 2310-SD Intel(R) Core(TM) i7-3632QM CPU @ 2.20GHz
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum