/[gentoo]/xml/htdocs/proj/en/hardened/pax-quickstart.xml
Gentoo

Diff of /xml/htdocs/proj/en/hardened/pax-quickstart.xml

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

Revision 1.15 Revision 1.16
1<?xml version='1.0' encoding="UTF-8"?> 1<?xml version='1.0' encoding="UTF-8"?>
2<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/proj/en/hardened/pax-quickstart.xml,v 1.15 2013/01/04 20:59:04 blueness Exp $ --> 2<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/proj/en/hardened/pax-quickstart.xml,v 1.16 2013/01/13 02:02:59 blueness Exp $ -->
3<!DOCTYPE guide SYSTEM "/dtd/guide.dtd"> 3<!DOCTYPE guide SYSTEM "/dtd/guide.dtd">
4 4
5<guide lang="en"> 5<guide lang="en">
6<title>Hardened Gentoo PaX Quickstart</title> 6<title>Hardened Gentoo PaX Quickstart</title>
7 7
965/usr/bin/python3.2: 965/usr/bin/python3.2:
966 PT_PAX: -em-- 966 PT_PAX: -em--
967 XT_PAX: -em-- 967 XT_PAX: -em--
968</pre> 968</pre>
969 969
970<!--
970<p> 971<p>
971One final note about revdep-pax's internals. It currently uses a "mixed" approach to 972One final note about revdep-pax's internals. It currently uses a "mixed" approach to
972finding all the ELF objects on a system and their shared objects. To get the list of 973finding all the ELF objects on a system and their shared objects. To get the list of
973objects it uses Gentoo's portage database at /var/db/pkg, but to get the linkings, it uses 974objects it uses Gentoo's portage database at /var/db/pkg, but to get the linkings, it uses
974/usr/bin/ldd which is a bash script wrapper to `LD_TRACE_LOADED_OBJECTS=1 /lib/ld-linux.so.2` 975/usr/bin/ldd which is a bash script wrapper to `LD_TRACE_LOADED_OBJECTS=1 /lib/ld-linux.so.2`
9782) There will be a revdep-pax-ng which will not assume a Gentoo system, but rather 9792) There will be a revdep-pax-ng which will not assume a Gentoo system, but rather
979construct a list ELF objects collected from a combined $PATH for the executables and 980construct a list ELF objects collected from a combined $PATH for the executables and
980/etc/ld.so.conf for the shared objects. This utility will work on non-Gentoo systems 981/etc/ld.so.conf for the shared objects. This utility will work on non-Gentoo systems
981and be more exhaustive than revdep-pax, but much slower. Here -ng stands for Not Gentoo. 982and be more exhaustive than revdep-pax, but much slower. Here -ng stands for Not Gentoo.
982</p> 983</p>
984-->
983 985
984<p><b>6. migrate-pax</b></p> 986<p><b>6. migrate-pax</b></p>
985<p> 987<p>
986At this point you're probably fed up with dealing with both PT_PAX and XATTR_PAX 988At this point you're probably fed up with dealing with both PT_PAX and XATTR_PAX
987fields and their relationship to the kernel's configuration, and you just want to 989fields and their relationship to the kernel's configuration, and you just want to
988drop the older PT_PAX and get on with life! migrate-pax does only that ... it 990drop the older PT_PAX and get on with life! migrate-pax does only that ... it
989will go through all ELF objects on your system and migrate the PT_PAX field to 991will go through all ELF objects on your system and migrate the PT_PAX field to
990XATTR_PAX. That's it. 992XATTR_PAX. For more details on how to migrate, see our guide on
993<uri link='pax-migrate-xattr.xml'>migrating PaX flags from PT_PAX to XATTR_PAX</uri>.
991</p> 994</p>
992<pre caption="migrate-pax -h"> 995<pre caption="migrate-pax -h">
993Package Name : elfix 996Package Name : elfix
994Bug Reports : http://bugs.gentoo.org/ 997Bug Reports : http://bugs.gentoo.org/
995Program Name : migrate 998Program Name : migrate

Legend:
Removed from v.1.15  
changed lines
  Added in v.1.16

  ViewVC Help
Powered by ViewVC 1.1.20