Re: Patch 0/6 virtual address space randomisation

From: Arjan van de Ven
Date: Thu Jan 27 2005 - 06:59:00 EST

Next message: Arjan van de Ven: "Re: Patch 2/6 introduce helper infrastructure"
Previous message: Evgeniy Polyakov: "Re: 2.6.11-rc2-mm1: SuperIO scx200 breakage"
In reply to: Julien TINNES: "Re: Patch 0/6 virtual address space randomisation"
Next in thread: John Richard Moser: "Re: Patch 0/6 virtual address space randomisation"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, 2005-01-27 at 12:45 +0100, Julien TINNES wrote:
> Arjan van de Ven wrote:
> > The randomisation patch series introduces infrastructure and functionality
> > that causes certain parts of a process' virtual address space to be
> > different for each invocation of the process. The purpose of this is to
> > raise the bar on buffer overflow exploits; full randomisation makes it not
> > possible to use absolute addresses in the exploit.
> >
>
> I think it is worth mentioning that this is part of PaX ASLR, but with
> some changes and simplification.

it actually came from Exec-Shield not PaX

> I have some questions about the changes:
>
> for RANDMMAP why doing randomization in mmap_base() and not in
> arch_pick_mmap_layout? You miss a whole case here where legacy layout is
> used.

legacy layout will want a different randomisation; it'll come in a
separate, incremental patch.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Arjan van de Ven: "Re: Patch 2/6 introduce helper infrastructure"
Previous message: Evgeniy Polyakov: "Re: 2.6.11-rc2-mm1: SuperIO scx200 breakage"
In reply to: Julien TINNES: "Re: Patch 0/6 virtual address space randomisation"
Next in thread: John Richard Moser: "Re: Patch 0/6 virtual address space randomisation"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]