Re: Patch 0/6 virtual address space randomisation
From: Julien TINNES
Date: Thu Jan 27 2005 - 14:38:57 EST
Yeah, if it came from PaX the randomization would actually be useful.
Sorry, I've just woken up and already explained in another post.
Please, no hard feelings.
Speaking about implementation of the non executable pages semantics on
IA32, PaX and Exec-Shield are very different (well not that much since
2.6 in fact because PAGEEXEC is now "segmentation when I can").
But when it comes to ASLR it's pretty much the same thing.
The only difference may be the (very small) randomization of the brk()
managed heap on ET_EXEC (which is probably the more "hackish" feature of
PaX ASLR) but it seems that Arjan is even going to propose a patch for
that (Is this in ES too ?).
I think it's a great opportunity here to get the same basis for ASLR in
PaX and ES merged into the vanilla kernel.
If it's only a matter of changing the number of randomized bits in an
additional PaX patch, it's no problem! It's more important to have a
correct basis, focus on that.
--
Julien TINNES - & france telecom - R&D Division/MAPS/NSS
Research Engineer - Internet/Intranet Security
GPG: C050 EF1A 2919 FD87 57C4 DEDD E778 A9F0 14B9 C7D6
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/