because of the do_brk() bug, I updated my kernel and choosed to use a security
enhanced kernel for my server, that does dhcp amongst other things. I chosed
wolk-sources after the gentoo hardened-sources hard-locked up the server. this
time it wouldn't lock up, instead just kill dhcp. Here is what I could gather
from the log files. It seems to occur when a windows dhcp client goes online
(here named 'eva')

Dec  8 20:04:31 [dhcpd] DHCPDISCOVER from 00:10:dc:8a:8f:cc (eva) via eth0
Dec  8 20:04:32 [dhcpd] DHCPOFFER on 192.168.0.20 to 00:10:dc:8a:8f:cc (eva) via
eth0
Dec  8 20:04:32 [dhcpd] Wrote 0 deleted host decls to leases file.
Dec  8 20:04:32 [dhcpd] Wrote 0 new dynamic host decls to leases file.
Dec  8 20:04:32 [dhcpd] Wrote 4 leases to leases file.
Dec  8 20:04:32 [dhcpd] Can't backup lease database /var/lib/dhcp/dhcpd.leases to
 /var/lib/dhcp/dhcpd.leases~: Operation not permitted
Dec  8 20:04:32 [kernel] grsec: denied hardlink of /var/lib/dhcp/dhcpd.leases (ow
ned by 0.0) to /var/lib/dhcp/dhcpd.leases~ for (dhcpd:2086) UID(1034) EUID(1034),
 parent (init:1) UID(0) EUID(0)
Dec  8 20:04:32 [dhcpd] DHCPREQUEST for 192.168.0.20 (192.168.0.10) from 00:10:dc
:8a:8f:cc (eva) via eth0
Dec  8 20:04:32 [dhcpd] DHCPACK on 192.168.0.20 to 00:10:dc:8a:8f:cc (eva) via et
h0
Dec  8 20:04:56 [kernel] grsec: chdir to /etc/dnscachex/log/main by (multilog:119
55) UID(1013) EUID(1013), parent (supervise:21081) UID(0) EUID(0)
                - Last output repeated twice -
Dec  8 20:09:32 [dhcpd] Wrote 0 deleted host decls to leases file.
Dec  8 20:09:32 [dhcpd] Wrote 0 new dynamic host decls to leases file.
Dec  8 20:09:32 [dhcpd] Wrote 0 deleted host decls to leases file.
Dec  8 20:09:32 [dhcpd] Wrote 0 new dynamic host decls to leases file.

now the above 2 log lines will repeat for a couple thousand times, until this
happens:

Dec  8 20:09:40 [dhcpd] Wrote 0 deleted host decls to leases file.
Dec  8 20:09:40 [dhcpd] Wrote 0 new dynamic host decls to leases file.
Dec  8 20:09:40 [kernel] grsec: attempted resource overstep by requesting 8388608
 for RLIMIT_STACK against limit 8388608 by (dhcpd:2086) UID(1034) EUID(1034), par
ent (init:1) UID(0) EUID(0)
Dec  8 20:09:40 [dhcpd] Wrote 0 deleted host decls to leases file.
Dec  8 20:09:40 [dhcpd] Wrote 0 new dynamic host decls to leases file.
Dec  8 20:09:40 [dhcpd] Wrote 0 deleted host decls to leases file.
Dec  8 20:09:40 [dhcpd] Wrote 0 new dynamic host decls to leases file.
Dec  8 20:09:40 [dhcpd] Wrote 0 deleted host decls to leases file.
Dec  8 20:09:40 [dhcpd] Wrote 0 new dynamic host decls to leases file.
Dec  8 20:09:40 [kernel] grsec: attempted resource overstep by requesting 8392704
 for RLIMIT_STACK against limit 8388608 by (dhcpd:2086) UID(1034) EUID(1034), par
ent (init:1) UID(0) EUID(0)


After this, dhcp is gone, ps -e |grep dhcp doesn't reveal anything and dhcp
clients fail to get an IP address


Reproducible: Couldn't Reproduce
Steps to Reproduce:
1. Enable grsecurity with even higher-than-maximal custom settings
2. start dhcp
3. let new dhcp clients get their IP addresses

Actual Results:  
It only seems to happen with the windows XP client (eva) but since my linux
client is recognized by its MAC address and has a fixated IP address by dhcp, I
can't say for sure it is because of that. I am unable to reproduce the error
right now (eva is a laptop that's not here) but suffice to say, it happened
several times

Expected Results:  
it shouldn't have crashed and given people their ip adresses =p

I am using a script to turn new dhcp leases into DNS entries, so unless someone
changes the hostname of the system, he'll always be reachable by e.g. eva.local

The script is a slightly altered version of this one:
http://www.thismetalsky.org/files/dhcp_dns/dhcp_dns/djb_update.pl


Emerge info output: 

Portage 2.0.49-r15 (default-x86-1.4, gcc-3.2.3, glibc-2.3.2-r3, 2.4.20-wolk4.9s)
=================================================================
System uname: 2.4.20-wolk4.9s i686 Pentium II (Deschutes)
Gentoo Base System version 1.4.3.10
distcc 2.11.1 i686-pc-linux-gnu (protocols 1 and 2) (default port 3632) [enabled]
ACCEPT_KEYWORDS="x86"
AUTOCLEAN="yes"
CFLAGS="-march=pentium2 -O3 -pipe -s -fomit-frame-pointer -fstack-protector"
CHOST="i686-pc-linux-gnu"
COMPILER="gcc3"
CONFIG_PROTECT="/etc /var/qmail/control /usr/kde/2/share/config
/usr/kde/3/share/config /var/bind /usr/X11R6/lib/X11/xkb
/usr/kde/3.1/share/config /usr/share/config"
CONFIG_PROTECT_MASK="/etc/gconf /etc/env.d"
CXXFLAGS="-march=pentium2 -O3 -pipe -s -fomit-frame-pointer -fstack-protector"
DISTDIR="/usr/portage/distfiles"
FEATURES="ccache -sandbox buildpkg distcc usepkg"
GENTOO_MIRRORS="http://gentoo.oregonstate.edu/
http://distro.ibiblio.org/pub/Linux/distributions/gentoo"
MAKEOPTS="-j4"
PKGDIR="/usr/portage/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY=""
SYNC="rsync://rsync.gentoo.org/gentoo-portage"
USE="x86 oss apm avi crypt cups encode foomaticdb gif gtk2 jpeg gnome libg++ mad
mikmod mpeg ncurses nls pdflib png quicktime spell truetype xml2 xmms xv zlib
alsa gdbm berkdb slang readline arts tetex svga tcltk java guile X sdl gpm tcpd
pam perl python esd imlib oggvorbis gtk qt kde motif opengl mozilla ldap mysql
imap libwww maildir sasl ssl tctlk mmx"