Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:94588 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 64159 invoked from network); 20 Jul 2016 15:11:15 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 20 Jul 2016 15:11:15 -0000 Authentication-Results: pb1.pair.com header.from=jacob.perkins@cpanel.net; sender-id=unknown Authentication-Results: pb1.pair.com smtp.mail=jacob.perkins@cpanel.net; spf=permerror; sender-id=unknown Received-SPF: error (pb1.pair.com: domain cpanel.net from 208.74.121.68 cause and error) X-PHP-List-Original-Sender: jacob.perkins@cpanel.net X-Host-Fingerprint: 208.74.121.68 mx1.cpanel.net Received: from [208.74.121.68] ([208.74.121.68:35502] helo=mx1.cpanel.net) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id AA/CE-52781-0949F875 for ; Wed, 20 Jul 2016 11:11:14 -0400 Received: from ng2.cptxoffice.net ([208.74.121.106]:14020 helo=[10.7.7.38]) by mx1.cpanel.net with esmtpsa (TLSv1:ECDHE-RSA-AES256-SHA:256) (Exim 4.87) (envelope-from ) id 1bPt9S-0003pJ-9e for internals@lists.php.net; Wed, 20 Jul 2016 10:11:10 -0500 X-Pgp-Agent: GPGMail Content-Type: multipart/signed; boundary="Apple-Mail=_70F3CA36-953C-4D07-9D25-6FF387C72FB8"; protocol="application/pgp-signature"; micalg=pgp-sha512 Date: Wed, 20 Jul 2016 10:11:09 -0500 Message-ID: To: internals@lists.php.net Mime-Version: 1.0 (Mac OS X Mail 9.3 \(3124\)) X-Mailer: Apple Mail (2.3124) X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - mx1.cpanel.net X-AntiAbuse: Original Domain - lists.php.net X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12] X-AntiAbuse: Sender Address Domain - cpanel.net X-Get-Message-Sender-Via: mx1.cpanel.net: authenticated_id: jacob.perkins@cpanel.net X-Authenticated-Sender: mx1.cpanel.net: jacob.perkins@cpanel.net Subject: PHP7 w/grsecurity & anonymous mapping From: jacob.perkins@cpanel.net (Jacob Perkins) --Apple-Mail=_70F3CA36-953C-4D07-9D25-6FF387C72FB8 Content-Type: multipart/alternative; boundary="Apple-Mail=_117F7BAE-5127-43CE-811D-A99FE701A8D1" --Apple-Mail=_117F7BAE-5127-43CE-811D-A99FE701A8D1 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=utf-8 Good morning! We received a support ticket from a customer who=E2=80=99s using our PHP = 7 binaries with Atomic Secured Linux. They are advising that our lsphp = binary for PHP7 is insecure, while the other lsphp binaries for PHP 5 = are =E2=80=98not insecure=E2=80=99. The errors the customer is getting = are below Jul 18 22:39:02 cloud1 kernel: PAX: terminating task: = /opt/cpanel/ea-php70/root/usr/bin/lsphp(lsphp):2868, uid/euid: = 1001/1001, PC: 0000038b2ec8a010, SP: 000003fb990df238 Jul 18 22:39:02 cloud1 kernel: PAX: =46rom 162.158.51.199: execution = attempt in: , 328ec2bc000-328ec337000 328ec2bc000 Jul 18 22:39:02 cloud1 kernel: PAX: terminating task: = /opt/cpanel/ea-php70/root/usr/bin/lsphp(lsphp):2867, uid/euid: = 1001/1001, PC: 00000328ec2bc010, SP: 000003bc3fc1bb08 Jul 18 22:39:02 cloud1 kernel: PAX: bytes at PC: 41 54 41 55 41 56 41 57 = 53 48 8b df 48 83 ec 50 48 8b 43 10 Jul 18 22:39:02 cloud1 kernel: PAX: bytes at SP-8: 000000305a31ac60 = 00000328eb628caf 000000305a577f40 00000328e86f09d8 00000328e86f09d8 = 00000328e86f09da 000003bc3fc1bdb0 0000000000000000 0000000000000000 = 000f424000000002 0000003000000000 Jul 18 22:39:02 cloud1 kernel: PAX: bytes at PC: 41 54 41 55 41 56 41 57 = 53 48 8b df 48 83 ec 50 48 8b 43 10 Jul 18 22:39:02 cloud1 kernel: PAX: bytes at SP-8: 000000704c4f9960 = 0000038b2dff6caf 000000704c756ba0 0000038b2b0f09d8 0000038b2b0f09d8 = 0000038b2b0f09da 000003fb990df4e0 0000000000000000 0000000000000000 = 000f424000000002 0000007000000000 Jul 18 22:39:02 cloud1 kernel: PAX: =46rom 162.158.51.199: execution = attempt in: , 324d5968000-324d59e3000 324d5968000 Jul 18 22:39:02 cloud1 kernel: PAX: terminating task: = /opt/cpanel/ea-php70/root/usr/bin/lsphp(lsphp):2870, uid/euid: = 1001/1001, PC: 00000324d5968010, SP: 000003eca6200ce8 Jul 18 22:39:02 cloud1 kernel: PAX: =46rom 162.158.51.199: execution = attempt in: , 379109a2000-37910a1d000 379109a2000 Jul 18 22:39:02 cloud1 kernel: PAX: terminating task: = /opt/cpanel/ea-php70/root/usr/bin/lsphp(lsphp):2869, uid/euid: = 1001/1001, PC: 00000379109a2010, SP: 000003a17aa6b5f8 Jul 18 22:39:02 cloud1 kernel: PAX: bytes at PC: 41 54 41 55 41 56 41 57 = 53 48 8b df 48 83 ec 50 48 8b 43 10 Jul 18 22:39:02 cloud1 kernel: PAX: bytes at SP-8: 0000004bd46c3350 = 000003790fd0ecaf 0000004bd4920620 000003790cef09d8 000003790cef09d8 = 000003790cef09da 000003a17aa6b8a0 0000000000000000 0000000000000000 = 000f424000000002 0000004b00000000 Jul 18 22:39:02 cloud1 kernel: PAX: =46rom 162.158.51.199: execution = attempt in: , 29899f75000-29899ff0000 29899f75000 Jul 18 22:39:02 cloud1 kernel: PAX: terminating task: = /opt/cpanel/ea-php70/root/usr/bin/lsphp(lsphp):2871, uid/euid: = 1001/1001, PC: 0000029899f75010, SP: 000003a171c15158 Jul 18 22:39:02 cloud1 kernel: PAX: bytes at PC: 41 54 41 55 41 56 41 57 = 53 48 8b df 48 83 ec 50 48 8b 43 10 Jul 18 22:39:02 cloud1 kernel: PAX: bytes at SP-8: 0000007f3581d550 = 00000298992e1caf 0000007f35a7ac90 00000298964f09d8 00000298964f09d8 = 00000298964f09da 000003a171c15400 0000000000000000 0000000000000000 = 000f424000000002 0000007f00000000 Jul 18 22:39:02 cloud1 kernel: PAX: execution attempt in: , 3263ed56000-3263edd1000 3263ed56000 Jul 18 22:39:02 cloud1 kernel: PAX: terminating task: = /opt/cpanel/ea-php70/root/usr/bin/lsphp(lsphp):2872, uid/euid: = 1001/1001, PC: 000003263ed56010, SP: 000003bfce1cd868 Jul 18 22:39:02 cloud1 kernel: PAX: bytes at PC: 41 54 41 55 41 56 41 57 = 53 48 8b df 48 83 ec 50 48 8b 43 10 We build lsphp the exact same between PHP 5 & PHP 7 RPMs, so I=E2=80=99m = unsure as to how we should proceed to make our PHP 7 lsphp binary = =E2=80=98secure=E2=80=99. Is lsphp itself in PHP7 wrote differently in a = way than PHP 5 that it requires this =E2=80=98anonymous mapping=E2=80=99, = and any suggestions in making this =E2=80=98secure=E2=80=99 in regards = to grsec? Thanks in advance <3 =E2=80=94 Jacob Perkins Product Owner cPanel Inc. jacob.perkins@cpanel.net Office: 713-529-0800 x 4046 Cell: 713-560-8655 --Apple-Mail=_117F7BAE-5127-43CE-811D-A99FE701A8D1 Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset=utf-8 Good morning!

We received a support ticket from a customer who=E2=80=99s = using our PHP 7 binaries with Atomic Secured Linux. They are advising = that our lsphp binary for PHP7 is insecure, while the other lsphp = binaries for PHP 5 are =E2=80=98not insecure=E2=80=99. The errors the = customer is getting are below

Jul 18 22:39:02 cloud1 kernel: =
PAX: terminating task: /opt/cpanel/ea-php70/root/usr/bin/lsphp(lsphp):2868, =
uid/euid: 1001/1001, PC: 0000038b2ec8a010, SP: =
000003fb990df238
Jul 18 22:39:02 cloud1 kernel: PAX: =46rom 162.158.51.199: =
execution attempt in: <anonymous =
mapping>, 328ec2bc000-328ec337000 =
328ec2bc000
Jul 18 22:39:02 cloud1 kernel: =
PAX: terminating task: /opt/cpanel/ea-php70/root/usr/bin/lsphp(lsphp):2867, =
uid/euid: 1001/1001, PC: 00000328ec2bc010, SP: =
000003bc3fc1bb08
Jul 18 22:39:02 cloud1 kernel: PAX: bytes at PC: 41 54 41 =
55 41 56 41 57 53 48 8b df 48 83 ec 50 48 8b 43 10 =

Jul 18 22:39:02 cloud1 kernel: =
PAX: bytes at SP-8: 000000305a31ac60 00000328eb628caf 000000305a577f40 =
00000328e86f09d8 00000328e86f09d8 00000328e86f09da 000003bc3fc1bdb0 =
0000000000000000 0000000000000000 000f424000000002 0000003000000000 =

Jul 18 22:39:02 cloud1 kernel: =
PAX: bytes at PC: 41 54 41 55 41 56 41 57 53 48 8b df 48 83 ec 50 48 8b 43 10 
Jul 18 22:39:02 cloud1 kernel: PAX: bytes at SP-8: =
000000704c4f9960 0000038b2dff6caf 000000704c756ba0 0000038b2b0f09d8 =
0000038b2b0f09d8 0000038b2b0f09da 000003fb990df4e0 0000000000000000 =
0000000000000000 000f424000000002 0000007000000000 =

Jul 18 22:39:02 cloud1 kernel: =
PAX: =46rom 162.158.51.199: execution attempt in: <anonymous mapping>, 324d5968000-324d59e3000 =
324d5968000
Jul 18 22:39:02 cloud1 kernel: =
PAX: terminating task: /opt/cpanel/ea-php70/root/usr/bin/lsphp(lsphp):2870, =
uid/euid: 1001/1001, PC: 00000324d5968010, SP: =
000003eca6200ce8
Jul 18 22:39:02 cloud1 kernel: PAX: =46rom 162.158.51.199: =
execution attempt in: <anonymous =
mapping>, 379109a2000-37910a1d000 =
379109a2000
Jul 18 22:39:02 cloud1 kernel: =
PAX: terminating task: /opt/cpanel/ea-php70/root/usr/bin/lsphp(lsphp):2869, =
uid/euid: 1001/1001, PC: 00000379109a2010, SP: =
000003a17aa6b5f8
Jul 18 22:39:02 cloud1 kernel: PAX: bytes at PC: 41 54 41 =
55 41 56 41 57 53 48 8b df 48 83 ec 50 48 8b 43 10 =

Jul 18 22:39:02 cloud1 kernel: =
PAX: bytes at SP-8: 0000004bd46c3350 000003790fd0ecaf 0000004bd4920620 =
000003790cef09d8 000003790cef09d8 000003790cef09da 000003a17aa6b8a0 =
0000000000000000 0000000000000000 000f424000000002 0000004b00000000 =

Jul 18 22:39:02 cloud1 kernel: =
PAX: =46rom 162.158.51.199: execution attempt in: <anonymous mapping>, 29899f75000-29899ff0000 =
29899f75000
Jul 18 22:39:02 cloud1 kernel: =
PAX: terminating task: /opt/cpanel/ea-php70/root/usr/bin/lsphp(lsphp):2871, =
uid/euid: 1001/1001, PC: 0000029899f75010, SP: =
000003a171c15158
Jul 18 22:39:02 cloud1 kernel: PAX: bytes at PC: 41 54 41 =
55 41 56 41 57 53 48 8b df 48 83 ec 50 48 8b 43 10 =

Jul 18 22:39:02 cloud1 kernel: =
PAX: bytes at SP-8: 0000007f3581d550 00000298992e1caf 0000007f35a7ac90 =
00000298964f09d8 00000298964f09d8 00000298964f09da 000003a171c15400 =
0000000000000000 0000000000000000 000f424000000002 0000007f00000000 =

Jul 18 22:39:02 cloud1 kernel: =
PAX: execution attempt in: <anonymous mapping>, 3263ed56000-3263edd1000 =
3263ed56000
Jul 18 22:39:02 cloud1 kernel: =
PAX: terminating task: /opt/cpanel/ea-php70/root/usr/bin/lsphp(lsphp):2872, =
uid/euid: 1001/1001, PC: 000003263ed56010, SP: =
000003bfce1cd868
Jul 18 22:39:02 cloud1 kernel: PAX: bytes at PC: 41 54 41 =
55 41 56 41 57 53 48 8b df 48 83 ec 50 48 8b 43 10=20


We = build lsphp the exact same between PHP 5 & PHP 7 RPMs, so I=E2=80=99m = unsure as to how we should proceed to make our PHP 7 lsphp binary = =E2=80=98secure=E2=80=99. Is lsphp itself in PHP7 wrote differently in a = way than PHP 5 that it requires this =E2=80=98anonymous mapping=E2=80=99, = and any suggestions in making this =E2=80=98secure=E2=80=99 in regards = to grsec?

Thanks= in advance <3
=E2=80=94
Jacob Perkins
Product Owner
cPanel Inc.

jacob.perkins@cpanel.net
Office:  713-529-0800 = x 4046
Cell: =  713-560-8655

= --Apple-Mail=_117F7BAE-5127-43CE-811D-A99FE701A8D1-- --Apple-Mail=_70F3CA36-953C-4D07-9D25-6FF387C72FB8 Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename=signature.asc Content-Type: application/pgp-signature; name=signature.asc Content-Description: Message signed with OpenPGP using GPGMail -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQEcBAEBCgAGBQJXj5SNAAoJEIo8JcFLoqwqZuYH/AgdI3yT+csJsc7HIW3y7cBY N51btfGuJ1wa7J3IfGTjpOi25oG79AxmXnROCDAoVHhfnogvhIjn5qNJdfiytiXl TizhYbB1f8b4PTD5IfitFBzUImhEdVaX820lHIB2qX/F7u4j5C/gSGkRkLkPpQ+O wlrSKpRoTvpl4EMdlGm1Hm14Og+Z5CcX4So0g6tQvIRP+QnKmRniOBAjviIeFlA7 zmA5iHT1AHh2iMm8bNerqHXQyJm0LKa9rarv2HipGfb0gLuGMOcFcBxrSILAdesf j6nZX3mTG6jQzr2vxM0L39JtNtDzssGz3/8fsK3u3IDdLun9+y82tE2cpLtQscE= =rEd4 -----END PGP SIGNATURE----- --Apple-Mail=_70F3CA36-953C-4D07-9D25-6FF387C72FB8--