Summary: | bind-9.4.0_rc2 crashes on a hardened linux box | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | barthek <gejzer> |
Component: | Hardened | Assignee: | The Gentoo Linux Hardened Team <hardened> |
Status: | RESOLVED DUPLICATE | ||
Severity: | normal | CC: | jnerin |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- |
Description
barthek
2007-02-06 17:18:31 UTC
Bind-9.3.4 gives also same problems when compiled on hardened box. (PAX, PIE-SPP) No compiling errors. Starts and read zone's but after about 1 minute crashes. There also seems some problem with detecting ipv6 interfaces. Following use-flags are used (BIND-9.3.4): USE="berkdb ipv6 ldap mysql postgres ssl threads -dlz -doc -idn -odbc -resolvconf% (-selinux)" And here the last lines in my syslog at which Bind seems to crash: Feb 8 00:57:31 tux named[2920]: zone_timer: zone id.server/CH: enter Feb 8 00:57:31 tux named[2920]: zone_timer: zone id.server/CH: enter Feb 8 00:57:31 tux named[2920]: zone_maintenance: zone id.server/CH: enter Feb 8 00:57:31 tux named[2920]: zone_maintenance: zone id.server/CH: enter I don't know if these are common end lines when starting 9.3.4, but for 9.3.2-r4 the next messages appear: Feb 8 11:42:58 tux named[4222]: zone_timer: zone id.server/CH: enter Feb 8 11:42:58 tux named[4222]: zone_timer: zone id.server/CH: enter Feb 8 11:42:58 tux named[4222]: zone_maintenance: zone id.server/CH: enter Feb 8 11:42:58 tux named[4222]: zone_maintenance: zone id.server/CH: enter Feb 8 11:43:05 tux named[4222]: received control channel command 'null' Feb 8 11:43:05 tux named[4222]: received control channel command 'null' Feb 8 11:43:05 tux named[4222]: received control channel command 'status' Feb 8 11:43:05 tux named[4222]: received control channel command 'status' So, maybe there is something wrong with calling the command channel. Hope this will help to solve the problem. ma bind 9.3.4 on a hardened box crashed with "named: stack smashing attack in function query_find()" (In reply to comment #2) > ma bind 9.3.4 on a hardened box crashed with "named: stack smashing attack in > function query_find()" > Please see Bug 158664 in regard to bind 9.3.4 Definitely a dupe of #158664 - I had the same issue and it's now been addressed. I can confirm that bind-9.4.0-r2 works fine here. Guess noone should bother about 9.4.0_rc2 anymore! :) *** This bug has been marked as a duplicate of bug 158664 *** |