|
| |
| | PaX - Wikipedia, the free encyclopedia |
 | | PaX also cannot block some format string bug based attacks, which may allow arbitrary reading from and writing to data locations in memory using already existing code; the attacker does not need to know any internal addresses or inject any code into a program to execute these types of attacks. | | | PaX flags data memory as non-executable and program memory as non-writable, and randomly arranges the program memory. | | | PaX offers executable space protections, using (or emulating in operating system software) the functionality of an NX bit (i.e., built-in CPU/MMU support for memory contents execution privilege tagging). |
|
http://en.wikipedia.org/wiki/PaX_%28Linux%29
(3695 words)
|
|
| |
| | Linux: pax |
| | pax will write to standard output a table of contents of the members of the archive file read from standard input, whose pathnames match the specified patterns. | | | pax extracts the members of the archive file read from the standard input, with pathnames matching the specified patterns. | | | When pax is in the write or copy mode, the optional trailing field [c][m] can be used to determine which file time (inode change, file modification or both) are used in the comparison. |
|
http://www.linuxforum.com/man/pax.1.php
(3278 words)
|
|
| |
| | pax.1 |
| | Otherwise, pax stores all information available with other archive formats in extended zip file headers, so if archive portability is of no concern, the zip implementation in pax can archive complete Unix file hierarchies. | | | The implementation of pax is limited to expanded numerical fields and long file names; in particular, there is no support for sparse files or incremental backups. | | | The pax format is an extension to the ustar format. |
|
http://heirloom.sourceforge.net/man/pax.1.html
(2489 words)
|
|
| |
| | Hacks From Pax: Linux File & Directory Permissions Mistakes - The Community's Center for Security |
| | Pax Dickinson has over ten years of experience in systems administration and software development on a wide variety of hardware and software platforms. | | | One common mistake Linux administrators make is having file and directory permissions that are far too liberal and allow access beyond that which is needed for proper system operations. | | | In fact, because of their insecurity, modern versions of Linux do not allow their use and will not respect the suid or sgid bits on shell scripts. |
|
http://www.linuxsecurity.com/content/view/119415/49
(896 words)
|
|
| |
| | Bloggitation » Hardening |
| | Gotcha: the basic problem is that in C lots of functions use the return value to indicate error and to return valuable data. | | | A good summary of the PaX vs no-exec problem with a lot of links to useful information. | | | The Linux 2.6 kernel introduced a new feature that speeds up or simplifies certain operations, such as system calls or returns from signal handlers…The so-called vsyscall page exists in every task at the same fixed address and it contains machine code that is very useful in performing the return-to-libc style attack… |
|
http://zh.yazzy.org/blog/archives/category/hardening
(2413 words)
|
|
| |
| | PaX Linux Kernel 2.6 Patches DoS Advisory |
| | Kernel Mode Linux is a technology which enables the execution of user programs in a kernel mode. | | | A bug in versions of the Linux kernel prior to Version 2.4.23 allows users on a Linux machine to gain unlimited access privileges, according to an advisory from developers of the Debian Linux distribution. | | | Unlike kernel modules, user programs are executed as ordinary processes (except for their privilege level), so scheduling and paging are performed as usual. |
|
http://www.stargeek.com/item/116092.html
(2465 words)
|
|
| |
| | [No title] |
| | Only Linux distribution developers should say Y here, and + never on a production machine, as this option creates an information + leak that could aid an attacker in defeating the randomization of + a single memory region. | | | The purpose of the feature is + to help Linux distribution developers get rid of libraries and + binaries that need text relocations which hinder the future progress + of PaX. | | | While protecting against + the former approach is beyond PaX, the latter can be prevented + by having only PIC ELF libraries on one's system (which do not + need to relocate their code). |
|
http://dev.gentoo.org/~solar/grsecurity/grsecurity-2.1.1-2.4.29-rc3-200501171609.patch
(10286 words)
|
|
| |
| | [No title] |
| | [pax:~]% procinfo Linux 2.0.36 (root@pax) (gcc 2.7.2.3) #1 Wed Jul 25 21:40:16 EST 2001 [pax] Memory: Total Used Free Shared Buffers Cached Mem: 95564 90252 5312 31412 33104 26412 Swap: 68508 0 68508 Bootup: Sun Jul 21 15:21:15 2002 Load average: 0.15 0.03 0.01 2/58 8557... | | | But you're a Linux expert and you knew this already. | | | Finally, I'll compare the load average with other averaging techniques used in performance analysis and capacity planning. |
|
http://www.luv.asn.au/overheads/NJG_LUV_2002/luvSlides.html
(1153 words)
|
|
| |
| | The Linux Game Tome |
| | Now the Gemhunters problem, the game compiles fine, downloaded the pax files (as both binary and source) and copied them to their relevant place in.gemhun/pax and... | | | As for me I could use the prebuild pax on linux and on windows without rebuilding it... | | | As a user, copying the pax files to Gemhunters/data/pax finds the files but it still locks up |
|
http://www.happypenguin.org/show?GemHunters
(1610 words)
|
|
| |
| | Linux: PaX vs. ExecShield, An ExecShield Perspective |
| | ES has been actively developed since it was poorly implemented in 2003. | | | On x86, VM space is scarce so PaX's halving of the VM space is a | | | short example: Ingo mentions how he added NX support on kernel land memory itself thereby solving what in PaX i call KERNEXEC (and which by no means is a complete solution yet, i have work to do myself). |
|
http://kerneltrap.org/node/4590
(4023 words)
|
|
| |
| | PaX - Gentoo Linux Wiki |
| | Pax is a kernel level memory protection system for Linux. | | | This separation goes as far as to assure that memory may not be written to before it is executed, except by the kernel as a part of loading an executable segment into memory. | | | This also prevents attackers from discovering the location of the GOT, which forces any attempt to execute pre-existing program code to be left up to guesses and probability. |
|
http://gentoo-wiki.com/PaX
(318 words)
|
|
| |
| | Pax, pax world fund, download pax romana |
| | An image database software that organizes, measures, analyzes and creates reports from images in an electronic filing system. | | | Find pax at one of the best sites the Internet has to offer! | | | This page hosts various documentation and source code for PaX. |
|
http://www.funfind.net/pax.html
(1245 words)
|
|
| |
| | PaX ASLR denial of service vulnerability |
| | Gentoo Technologies, Inc. : Gentoo Linux 1.4 rc3 | | | Gentoo Technologies, Inc. : Gentoo Linux 1.4 rc2 | | | Gentoo Technologies, Inc. : Gentoo Linux 1.4 rc1 |
|
http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=28128
(121 words)
|
|
| |
| | Computer Recycling News Articles Index |
| | Old computers good as new in Linux labs | | | Pax World Funds Brings Computer Trash Out of the Closet | | | Lake County offers safe ways to dump aging computers |
|
http://www.recycles.org/news/index.htm
(326 words)
|
|
| |
| | ISS X-Force Database: pax-aslr-enabled-dos(16037): PaX ASLR enabled denial of service |
| | Upgrade to the latest version of PaX (2.6 2004.05.01 17:00 GMT or later), available from the PaX Web site. | | | BugTraq Mailing List, Sun May 09 2004 - 18:35:04 CDT, PaX DoS proof-of-concept at http://archives.neohapsis.com/archives/bugtraq/2004-05/0069.html. | | | The information within this database may change without notice. |
|
http://xforce.iss.net/xforce/xfdb/16037
(325 words)
|
|
| |
| | tech-pkg: Re: PKGNAME for port of OpenBSD's pax to Suse Linux?? |
| | tech-pkg: Re: PKGNAME for port of OpenBSD's pax to Suse Linux?? | | | Subject: Re: PKGNAME for port of OpenBSD's pax to Suse Linux?? | | | > > I packaged up OpenBSD's pax port used with Suse Linux. |
|
http://mail-index.netbsd.org/tech-pkg/2003/06/11/0002.html
(111 words)
|
|
| |
| | find pax solaris serials cracks hacking warez at www.darktoolbox.net |
| | ...- PaX and return-into-lib exploits 4.3 - PaX and mmap base randomization 5... | | | ...Overlap Linux Favors New Data for Forward Overlap Solaris 2.6 Always... | | | ...17:34:04 72k 0x46f090df The advanced return-into-lib c exploits: PaX case... |
|
http://www.darktoolbox.net/pax+solaris.html
(150 words)
|
|
| |
| | Linux Security - PaX, Xorg, and Nvidia Drivers |
| | the linux system that it is being installed on, and, if it cannot find a | | | Because the article only states that binary drivers cause problems with PaX | | | Nvidia and ATI, would not work when using PaX with Xorg. |
|
http://www.webservertalk.com/archive91-2004-11-503829.html
(164 words)
|
|
| |
| | OpenNET security: [UNIX] PaX Linux Kernel Patch DoS |
| | DETAILS Vulnerable Systems: * PaX kernel patch for the Linux kernel 2.6, versions prior to 2004.05.01 Immune Systems: * PaX kernel patch version 2004.05.01 The denial-of-service condition arises when ASLR is enabled. | | | Журнал Linux Format #2(71), октябрь 2005 + DVD (Trustix/CentOS + Software) - 200 руб. | | | Ubuntu Linux 5.10 i386 (1CD) - 95 руб. |
|
http://www.linux.opennet.ru/base/linux/1083688684_651.txt.html
(390 words)
|
|
| |
| | SecuriTeam.com ™ - PaX Linux Kernel Patch DoS (Exploit) |
| | A proof-of-concept exploit code is provided below to demonstrate the problem. | | | Qpopper Poppassd Local Root (Linux, FreeBSD, Exploit, ld.so.preload) | | | "if you run Linux 2.6.x-PaX or -grsec, this may \"hurt\" your CPU(s) a little,\n" |
|
http://www.securiteam.com/exploits/5YP0H0ACUO.html
(355 words)
|
|
| |
| | [No title] |
| | defined(CONFIG_PAX_RANDKSTACK) -extern unsigned int pax_aslr; -#endif - -extern unsigned int pax_softmode; -#endif +#ifdef CONFIG_PAX +/* + * PaX vars + */ +# if defined(CONFIG_PAX_PAGEEXEC) && defined(CONFIG_PAX_SEGMEXEC) + extern unsigned int pax_default_nx; /*Default NX method + PF_PAX_SEGMEXEC or PF_PAX_PAGEEXEC*/ +# endif /*CONFIG_PAX_PAGEEXEC && CONFIG_PAX_SEGMEXEC*/ +# ifdef CONFIG_PAX_SOFTMODE +# if defined(CONFIG_PAX_RANDMMAP) |
|
http://pax.wooyd.org/pax-2.6.7-pax_default_nx-stat_sysctl.patch
(120 words)
|
|
| |
| | Gentoo Linux Documentation -- Hardened Gentoo PaX Quickstart |
| | Grab one of the recommended source trees, or apply the appropriate patch from http://pax.grsecurity.net to your own tree and configure it as you normally would for the target machine. | | | This prevents a common form of attack where executable code is inserted into memory by an attacker. | | | Some legitimate applications will attempt to generate code at run time which is executed out of memory. |
|
http://www.gentoo.org/proj/en/hardened/pax-quickstart.xml
(859 words)
|
|
| |
| | Ελεύθερο Λογισμικό και Linux στην Ελλάδα: PaX Linux |
| | I have a linux server related website, please visit and hope that it is helpful to you | | | Ελεύθερο Λογισμικό και Linux στην Ελλάδα: PaX Linux | | | This is a paragraph of text that could go in the sidebar. |
|
http://velonis.blogspot.com/2005/01/pax-linux.html
(281 words)
|
|
| |
| | grsecurity |
| | Patches for Linux 2.0/2.2/2.4 that provide among a few other features: symlink, hardlink, and fifo restrictions, which grsecurity has integrated. | | | Additions to the Openwall Project's Linux kernel patch for Linux 2.0/2.2 that provided the basis for several of the chroot restrictions present in grsecurity. | | | Extensive documentation on the design and implementation of all of the features of PaX |
|
http://grsec.linux-kernel.at/links.php
(147 words)
|
|
| |
| | [No title] |
| | Begin3 Title: pax Version: 2.1 Entered-date: 3 November 96 Description: POSIX Portabile Archive/Interchange File Format utility Keywords: pax archive Author: mark@Minnetech.MN.ORG | | | Primary-site: sunsite.unc.edu /pub/Linux/ Alternate-site: Original-site: Platform: Linux, OS/2, MSDOS, AIX (should be any, but not tested) Copying-policy: Freeware, with retained, 'must name author', copyright End |
|
http://www.gtlib.cc.gatech.edu/pub/Linux/utils/compress/pax.lsm
(46 words)
|
|
| |
| | Hungarian Unix Portal - PaX patch a 2.6-os kernelhez |
| | A patchelt kernelen file alapon tudjuk a PaX jelzőket állítani. | | | A PaX Team-nek köszönhetően elérhető egy kísérleti PaX biztonsági patch a 2.6-os (2.6.0) Linux kernelhez. | | | Hungarian Unix Portal - PaX patch a 2.6-os kernelhez |
|
http://www.hup.hu/modules.php?name=News&file=print&sid=5045
(369 words)
|
|
| |
| | tech-pkg: pax on Linux |
| | For the basic linux system only installed the absolute bare minimum, and now I'm in the process of installing packages via pkgsrc. | | | Note that pax is installed in /bin/pax, but /usr/pkgsrc/mk/defs.Linux.mk sets it to ${ZOULARISBASE}/bin/pax -- this needs tweaking, obviously. | | | :) Attached are patches that were necessary for me to install pax from pkgtools/pkgsrc. |
|
http://mail-index.netbsd.org/tech-pkg/2002/08/21/0009.html
(200 words)
|
|
| |
| | Homepage of PaX |
| | This page hosts various documentation and source code for PaX. | | | PaX regression test suite developed by Peter Busser for Adamantix. | | | NOTE: all versions for 2.2 before 2005.03.05 have a privilege elevation bug, you must update as soon as possible. |
|
http://pax.grsecurity.net
(560 words)
|
|
| |
| | plus-linux.de: PaX |
| | file last update comment docs 2003.03.20 01:30 GMT design and implementation of PaX linux 2.2.21 2002.07.31 14:55 GMT correct locking in the page fault handler linux 2.4.20 2003.04.04 21:14 GMT KERNEXEC on i386, works only without module support. | | | PaX TuX by moolok This page hosts various documentation and source code for PaX. | | | chpax.tar.gz 2003.04.01 16:57 GMT this is the new version, use it for PaX patches released after 2003.02.03. |
|
http://www.plus-linux.de/wiki.cgi?PaX
(171 words)
|
|
| |
| | SecuriTeam.com ™ Unix Focus Archive 2004 |
| | Buffer Overflow in ISO9660 File System Component of Linux Kernel | | | Cleartext SMB Passwords in Novell Desktop Linux using KDE | | | Linux Virtual Server/Secure Context Procfs Shared Permissions Flaw |
|
http://www.securiteam.com/unixfocus/archive2004.html
(789 words)
|
|
| |
| | LINUXSECURE |
| | [*] At the Sounding Edge: Music Notation Software For Linux (Linux Journal) | | | It might be possible to leverage this issue to access sensitive information from kernel memory. | | | Discussion: It has been reported that the Linux kernel may be prone to a memory leakage vulnerability. |
|
http://www.linuxsecure.de/index.php?action=51&count=5
(556 words)
|
|
| |
| | [No title] |
| | */ + printk(KERN_ERR "PAX: wtf, task: %s:%d, CS:EIP: %04X:%08lX, SS:ESP: %04X:%08lX\n", tsk->comm, tsk->pid, regs->xcs, regs->eip, regs->xss, regs->esp); + goto pax_emu; + } else if (linear_cseip == address) { + if (((regs->eip & 0xF) | | | VM_MAYEXEC; + /* PaX: grant write access to executable mappings, even if it w asn't + explicitly requested (hint: relocation). | | | video RAM), don't a pply PaX */ + if ((vma->vm_flags & VM_IO) && !(vma->vm_flags & VM_EXEC)) { + vma->vm_flags = VM_EXEC |
|
http://www.packetstormsecurity.com/linux/security/pax-linux-2.2.17.patch
(659 words)
|
|
| |
| | Hungarian Unix Portal - PaX ASLR Linux 2.6 előzetes port |
| | Hungarian Unix Portal - PaX ASLR Linux 2.6 előzetes port | | | Jelenleg egyedül az i386 architektúra támogatott, de hamarosan várható a többi is, valamint a 2.6-hoz passzoló PaX obscurity folt. | | | Julien Tinnes elkészítette a PaX Address Space Layout Randomization (RANDMMAP, RANDEXEC, ET_DYN, RANDKSTACK) előzetes portját a Linux 2.6.0-test8-as kernelhez. |
|
http://www.hup.hu/modules.php?name=News&file=print&sid=4616
(48 words)
|
|
| |
| | Welcome to PAX and Mirko Fluher's Home Page |
| | All you ever wanted to know about Unix | | | ELCOME TO This is the World Wide Web page for PAX, a LINUX box in the Australian Public Access Network Association network and LUV. | | | Welcome to PAX and Mirko Fluher's Home Page |
|
http://pax.apana.org.au
(48 words)
|
|
| |
| | The SIN Raven Quake II Site |
| | But keep in mind that you will depend on saving the game as you proced in the level´s, like you depend in the air that you breed.... | | | You must keep in mind that because Pax Imperia uses Knightmare engine source code, is almoast impossible and extremly hard to convert and port it to legacy Quake II engine. | | | , soo you must use them if you whant to play Pax Imperia. |
|
http://www.markshan.com/thesinraven/pax_imperia.htm
(303 words)
|
|
| |
| | Pax - Wikipedia, the free encyclopedia |
| | This is a disambiguation page, a list of pages that otherwise might share the same title. | | | PAX (Penny Arcade Exposition), an annual video game convention held at the Meydenbauer Center at Bellevue, Washington. | | | i, a U.S. television network (formerly the PAX Network) |
|
http://en.wikipedia.org/wiki/Pax
(151 words)
|
|
| |
| | 5799: PaX ASLR Local DoS |
| | Currently, there are no known workarounds or upgrades to correct this issue. | | | This entry was last updated on May 28, 2004. | | | Our goal is to provide accurate, detailed, current, and unbiased technical information. |
|
http://www.osvdb.org/5799
(211 words)
|
|
| |
| | PaX kernel patch for Red Hat Linux |
| | You will need the according spec file to build the PaX kernel. | | | That would mean you can drop all first hunks in the ix86.config file patches. | | | If you patch linux-2.4.20/arch/i386/vmlinux.lds.S in the original PaX patch tree against linux-2.4.20/arch/i386/vmlinux.lds in the Red Hat tree you should be able to reenable CONFIG_KALLSYMS in the configs. |
|
http://www.ottolander.nl/opensource/pax/pax.html
(234 words)
|
|
| |
| | Linux: PaX: Solução eficiente para segurança em Linux [Artigo] |
| | Linux: PaX: Solução eficiente para segurança em Linux [Artigo] | | | A mitologia da imunidade a vírus no Linux | | | PaX é um patch para o kernel do Linux que vem implementar muitas melhorias em nosso sistema, tornando-o muito mais seguro e estável. |
|
http://www.vivaolinux.com.br/artigos/verArtigo.php?codigo=1064
(392 words)
|
|
| |
| | ALT Linux - Главная |
| | C 1 октября по 1 ноября 2005 года ALT Linux проводит акцию по поддержке миграции унаследованных приложений для ОС DOS на Linux. | | | Интернет-университет информационных технологий — ИНТУИТ.ру выпустил новый учебник «Операционная система Linux», подготовленный сотрудниками ALT Linux. | | | В курсе даются основные понятия операционной системы Linux и важнейшие навыки работы в ней. |
|
http://www.altlinux.ru/index.php?module=sisyphus&package=pax
(104 words)
|
|
| |
| | Pax Romana - Hutchinson encyclopedia article about Pax Romana |
| | You may also use the word browser links: | | | This information should not be considered complete, up to date, and is not intended to be used in place of a visit, consultation, or advice of a legal, medical, or any other professional. | | | Pax Romana is not available in the Hutchinson encyclopedia. |
|
http://encyclopedia.farlex.com/Pax+Romana
(88 words)
|
|
| |
| | Secunia - Advisories - PaX Denial of Service Vulnerability |
| | The vulnerability is caused due to an error within the "mmap()" mechanism and may cause the kernel to enter an infinite loop. | | | borg has discovered a vulnerability in PaX, which can be exploited by malicious, local users to cause a DoS (Denial of Service). | | | Ideas, suggestions, and other feedback is most welcome. |
|
http://www.secunia.com/advisories/11518
(261 words)
|
|
| |
| | Pax -- Facts, Info, and Encyclopedia article |
| | The word Pax ((Any dialect of the language of ancient Rome) Latin: Peace) has several meanings: | | | (Click link for more info and facts about PAX Network) PAX Network, a U.S. television network | | | pax - an "abbreviation" used in the travel industry for passengers |
|
http://www.absoluteastronomy.com/encyclopedia/p/pa/pax.htm
(153 words)
|
|
| |
| | PaX obscurity patch |
| | Preventing information leaking is beyond the scope of PaX, that's why this patch exists. | | | If you use grsecurity, you're already safe, /proc information leaking is prevented since the begining and I reported Alt-GR+ScrollLock to spender who fixed it quickly. | | | This is a small patch to use with PaX enabled kernel. |
|
http://cr0.org/pax-obscure
(172 words)
|
|
|
