What application(s) block a process from executing code in heap space?

Support for security such as Firewalls and securing linux
Post Reply
bhaskar
Posts: 1
Joined: 2006/09/15 21:10:24
Contact:

What application(s) block a process from executing code in h

Post by bhaskar » 2006/09/15 21:25:27

Please excuse my ignorance of CentOS - I am personally a user of Debian family distributions.

GT.M, a FOSS project that I manage (http://www.sanchez-gtm.com - http://sourceforge.net/projects/sanchez-gtm) dynamically compiles and executes code (it is a feature of the MUMPS language), which means that it needs the ability execute code in heap space. Since executing code in heap space is not normally something that most software needs, the default setting of SE Linux as well as related layered security software such as exec shield, grsecurity, PaX, etc. is to not permit processes to execute code in heap space. We know how to persuade SE Linux, for example, to permit a GT.M process to execute code in heap space.

Here's the issue. A user of the software reports that GT.M runs fine on CentOS 3.x, but on CentOS 4.x he is not able to get it to run. It generates a segmentation fault every time, and this is a signature of GT.M getting killed by SE Linux, exec sheild etc. Indeed, the address at which it gets killed is in heap space. However, he says he has SE Linux turned off, and he is not able to find any other package like exec shield, grsecurity or PaX on the system.

So, could someone please tell me what layered security applications there are on CentOS 4 that are turned on by default, which either do not exist on CentOS 3.x or are not tiurned on by default on CentOS 3.x.

Thank you very much, in advance.

Regards
-- Bhaskar

Post Reply

Return to “CentOS 4 - Security Support”