> Hi,
> Currently i don't have a X-enabled hardened system (only a router).
> Would suggest at least two/three ways to check things.
> 1.start mozilla from a console, check/post error logs;
> 2.use 'strace' to start mozilla, post strace logs.
I already wrote about these two; no errors appear in any log or the
console. strace's novel finishes with:
.............
<lots of rt_sigprocmask() calls>
rt_sigaction(SIGINT, {0x8004599e, [], SA_RESTORER, 0x4009e1e8}, {SIG_DFL},
8) = 0
waitpid(-1,
(the output is really "cut" right there).
> 3.Same but use some debugger (gdb, other).
What exactly should I look for in gdb? The binary is stripped, shall I
rebuild?
> Check PaX flags on mozilla binary (chpax (deprecated) paxctl).
> Check/alter any grsec settings, through /proc (if enabled).
I have some grsec's features compiled in the kernel, but no additional
tuning has been made. This sounds likely a cause, thank
you for the tip, I'll check this stuff out as soon as I can.
-Roman
> HTH.Rumen
--
gentoo-user@gentoo.org mailing list
