Re: DEFAULT_MMAP_MIN_ADDR change breaks ssh on arm
[ adding relevant cc peoples to your message, no more insight ]
On Wed, Mar 19, 2008 at 06:46:37PM +0100, Martin Michlmayr wrote:
> The following change
>
> r10769 | maks | 2008-03-10 17:03:03 +0100 (Mon, 10 Mar 2008) | 8 lines
>
> security: set DEFAULT_MMAP_MIN_ADDR to 65536
>
> Low address space to protect from user allocation, see
> a5ecbcb8c13ea8a822d243bf782d0dc9525b4f84, runtime tunable on
> /proc/sys/vm/mmap_min_addr. let's see if we get any fallout.
> double checked after Kconfig recommendation that fedora uses
> that recommendation too.
>
> breaks ssh on arm. While root can still log in via ssh, normal users
> cannot. ssh almost manages to log in but when it comes to starting a
> shell the connection simply closes. Changing DEFAULT_MMAP_MIN_ADDR
> back to 0 fixes this.
>
> maks, should I simply set DEFAULT_MMAP_MIN_ADDR to 0 on ARM or should
> I report this to the SE Linux folks or someone else? I've no idea how
> SE Linux works, so any help is welcome.
> --
> Martin Michlmayr
> http://www.cyrius.com/
Reply to: