Error message (dmesg): grsec: signal 11 sent to /usr/kde/3.5/bin/kdeinit[kio_http:5260] uid/euid:1000/1000 gid/egid:100/100, parent /usr/kde/3.5/bin/kdeinit[kdeinit:4747] uid/euid:1000/1000 gid/egid:100/100 * kde-base/kdebase-kioslaves Latest version available: 3.5.9 Latest version installed: 3.5.9 Expected page to load but GRsecurity kills kio slave (see above) when accessing certain secure websites (ssl) (on form submit (POST) Reproducible: Always Steps to Reproduce: 1. Log into hsbc.co.uk 2. 3. Actual Results: Error message in browser that protocol died unexpectedly. Can access page with mozilla firefox. Expected Results: Page loads Running hardened linux with grsec (see emerge info) Portage 2.1.4.4 (hardened/x86/2.6, gcc-3.4.6, glibc-2.6.1-r0, 2.6.24-hardened-r3 i686) ================================================================= System uname: 2.6.24-hardened-r3 i686 AMD Processor model unknown Timestamp of tree: Mon, 06 Oct 2008 21:45:04 +0000 app-shells/bash: 3.2_p33 dev-java/java-config: 1.3.7, 2.1.6 dev-lang/python: 2.4.4-r14, 2.5.2-r7 dev-python/pycrypto: 2.0.1-r6 sys-apps/baselayout: 1.12.11.1 sys-apps/sandbox: 1.2.18.1-r2 sys-devel/autoconf: 2.13, 2.61-r2 sys-devel/automake: 1.5, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2, 1.10.1-r1 sys-devel/binutils: 2.18-r3 sys-devel/gcc-config: 1.4.0-r4 sys-devel/libtool: 1.5.26 virtual/os-headers: 2.6.23-r3 ACCEPT_KEYWORDS="x86" CBUILD="i686-pc-linux-gnu" CFLAGS="-march=athlon64 -O2 -pipe -fforce-addr" CHOST="i686-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/kde/3.5/env /usr/kde/3.5/share/config /usr/kde/3.5/shutdown /usr/share/config /var/lib/hsqldb" CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/env.d/java/ /etc/fonts/fonts.conf /etc/gconf /etc/php/apache2-php5/ext-active/ /etc/php/cgi-php5/ext-active/ /etc/php/cli-php5/ext-active/ /etc/revdep-rebuild /etc/terminfo /etc/texmf/web2c /etc/udev/rules.d" CXXFLAGS="-march=athlon64 -O2 -pipe -fforce-addr" DISTDIR="/usr/portage/distfiles" FEATURES="distlocks metadata-transfer parallel-fetch sandbox sfperms strict unmerge-orphans userfetch" GENTOO_MIRRORS="http://distfiles.gentoo.org http://distro.ibiblio.org/pub/linux/distributions/gentoo" LINGUAS="en_GB" MAKEOPTS="-j3" PKGDIR="/usr/portage/packages" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" SYNC="rsync://rsync.europe.gentoo.org/gentoo-portage" USE="3dnow X a52 aac acpi alsa apache2 apm bash-completion bittorrent bzip2 calendar cddb cdinstall cdparanoia cdr chroot clamav cli cracklib crypt css cvs dbx dedicated directfb dvd dvdr encode ffmpeg firefox gif gimp glut hardened hddtemp java javascript jpeg jpeg2k kde latex mad maildir mbox mhash midi mng mp3 mpeg mplayer mysqli nls nptl nptlonly nsplugin offensive ogg opengl pam pax pcre pdf php pic pie png postgres quicktime rdesktop readline real samba sdl server spell sse sse2 ssl subversion svnserve tcpd tetex tidy tiff truetype unicode urandom vcd videos vim-syntax vnc vorbis win32codecs wmf x86 xine xml xorg xv xvid xvmc zlib" ALSA_CARDS="hda-intel" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" ELIBC="glibc" INPUT_DEVICES="mouse keyboard" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="en_GB" USERLAND="GNU" VIDEO_CARDS="nv vesa" Unset: CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, FFLAGS, INSTALL_MASK, LANG, LC_ALL, LDFLAGS, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS, PORTDIR_OVERLAY
not a security issue, reassigning to hardened.
That's not grsec killing the process, simply logging the signal 11. However, I use KDE too and started getting this around the time of the last openssl update. Sometimes it dies, sometimes it works. I've tried recompiling kdebase-kioslaves and konqueror to no avail. It is quite annoying but haven't had the time to go much deeper than that. I suspect more users are having this (new) issue.
Could you please recompile kdelibs and see if the problem still occurs?
(In reply to comment #3) > Could you please recompile kdelibs and see if the problem still occurs? > Recompiling kdelibs, kdebase-kioslaves and konqueror in that order then restarting X+KDE seems to have fixed it. Thanks! Leaving bug to KDE team to do with as they please from here.
OK :-) Tnx Will rebuild kde-libs/konqueror as soon as I can sync :-( Will reopen if still getting error after that...
