lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Fri, 11 May 2007 13:36:51 -0700
From:	Andrew Morton <akpm@...ux-foundation.org>
To:	Jiri Kosina <jkosina@...e.cz>
Cc:	Jan Kratochvil <honza@...os.cz>, Ingo Molnar <mingo@...e.hu>,
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH][RESEND] PIE randomization

On Fri, 11 May 2007 22:18:16 +0200 (CEST)
Jiri Kosina <jkosina@...e.cz> wrote:

> On Fri, 11 May 2007, Andrew Morton wrote:
> 
> > >    I sent this patch 5 days ago, nobody replied. So I am giving it 
> > > second attempt. Andrew, is it possible to test this in -mm branch? 
> > > Original mail follows:
> > >     this is something like reaction to this thread: 
> > > http://lkml.org/lkml/2007/1/6/124. I hope I was able to separate the 
> > > PIE randomization part correctly.
> > I don't know what to do with this.  The changelog doesn't tell me what PIE
> > randomization _is_, nor why the kernel would want to do it. "Randomizing 
> > -pie compiled binaries" sounds fairly undesirable, actually ;)
> 
> I think it's precisely what we want to do in case the randomize_va_space 
> is set to 1, don't we? (I haven't yet gone throught the patch though, so I 
> am not sure whether this is the case).

erm, I was being funny.  If you randomize a binary it won't run any more. 
cp /dev/random /bin/login.  Oh well.

My point is, we're not being told what is being randomized here.  Is it the
virtual starting address of the main executable mmap?  Of the shared
libraries also?  Is it the stack location?  What?

I could reverse-engineer that info from the patch, I guess, but I'd prefer
to go in the opposite direction: you tell us what the patch is trying to
do, then we look at it and see if we agree that it is in fact doing that.

> We already have stack randomization and mmap() base randomization but 
> executable base randomization (which is of course only feasible for -pie 
> executables) and brk() randomization still seem to be missing to make it 
> complete.


-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ