Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sun, 6 Nov 2011 19:02:52 +0100
From: Daniel Cegiełka <daniel.cegielka@...il.com>
To: owl-dev@...ts.openwall.com
Subject: Re: pax-utils

pax-utils is primarily for PaX, so without this patch is losing a lot
of functionality, like pspax tool:

entropy# pspax -h
* List ELF/PaX information about running processes

Usage: pspax [options]

Options:
  -a, --all         * Show all processes
  -e, --header      * Print GNU_STACK/PT_LOAD markings
  -i, --ipaddr      * Print ipaddr info if supported
  -p, --pid         * Process ID/pid #
  -u, --user        * Process user/uid #
  -g, --group       * Process group/gid #
  -n, --nx          * Only display w^x processes
  -w, --wx          * Only display w|x processes
  -W, --wide        * Wide output display of cmdline
  -v, --verbose     * Be verbose about executable mappings
  -C, --nocolor     * Don't emit color in output
  -B, --nobanner    * Don't display the header
  -h, --help        * Print this help and exit
  -V, --version     * Print version and exit


entropy# pspax
USER     PID    PAX    MAPS ETYPE      NAME             CAPS ATTR
root     1      PeMRs  w^x  ET_DYN     init             =ep
root     935    PeMRs  w^x  ET_DYN     udevd            =ep
root     1371   PeMRs  w^x  ET_DYN     udevd            =ep
root     1372   PeMRs  w^x  ET_DYN     udevd            =ep
root     1555   PeMRs  w^x  ET_DYN     syslogd          =
root     1597   PeMRs  w^x  ET_DYN     klogd            =
root     1683   PeMRs  w^x  ET_DYN     crond            =ep
root     1689   PeMRs  w^x  ET_DYN     ntpd             =
cap_net_bind_service,cap_sys_time+ep
root     1703   PeMRs  w^x  ET_DYN     login            =ep
root     1704   PeMRs  w^x  ET_DYN     mingetty         =ep
root     1705   PeMRs  w^x  ET_DYN     mingetty         =ep
root     1706   PeMRs  w^x  ET_DYN     mingetty         =ep

entropy# qlist pax-utils
/usr/share/man/man1/scanmacho.1.xz
/usr/share/man/man1/scanelf.1.xz
/usr/share/man/man1/pspax.1.xz
/usr/share/man/man1/dumpelf.1.xz
/usr/bin/dumpelf
/usr/bin/scanelf
/usr/bin/scanmacho
/usr/bin/pspax
/usr/bin/lddtree
/usr/bin/symtree

regards,
daniel


2011/11/6 Vasiliy Kulikov <segoon@...nwall.com>:
> Solar, all -
>
> We might want to include pax-utils in Owl:
>
> "pax-utils is a small set of various PaX aware and related utilities for
> ELF binaries. It was written for ELF Q/A on Gentoo systems but can be
> used on any distro."
>
> http://dev.gentoo.org/~solar/pax-utils/
> http://dev.gentoo.org/~solar/pax/pax-utils-0.1.16.tar.bz2
>
> Demo on Ubuntu:
>
> vasya@...atros:~$ scanelf -a /bin/*
>  TYPE    PAX   PERM ENDIAN STK/REL/PTL TEXTREL RPATH BIND FILE
>  ...
>  ET_EXEC PeMRxS 0755 LE RW- R-- RW-    -      -   LAZY /bin/bash
>  ...
>  ET_EXEC PeMRxS 0755 LE RW- R-- RW-    -      -   STATIC /bin/busybox
>  ...
>  ET_DYN PeMRxS 0755 LE RW- R-- RW-    -      -   LAZY /bin/dbus-daemon
>
>
> It shows whether PIE, GNU stack, -z * are enabled.  Unfortunately, no
> indication of FORTIFY_SOURCE or SSP.
>
> Thanks,
>
> --
> Vasiliy
>

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ