Re: Patch 4/6 randomize the stack pointer

From: John Richard Moser
Date: Thu Jan 27 2005 - 17:36:16 EST

Next message: Linus Torvalds: "Re: i8042 access timings"
Previous message: Jirka Kosina: "Re: Patch 4/6 randomize the stack pointer"
In reply to: Arjan van de Ven: "Re: Patch 4/6 randomize the stack pointer"
Next in thread: Rik van Riel: "Re: Patch 4/6 randomize the stack pointer"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Arjan van de Ven wrote:
>>I feel the need to point something out here.
>>
>>[TEXT][BRK][MMAP---------------][STACK]
>>
>>Here's a normal layout.
>>
>>[TEXT][BRK][MMAP-------][STACK][MMAP--]
>>
>>Is this one any worse?
>
>
> yes.
>
> oracle, db2 and similar like to mmap 2Gb or more *in one chunk*.
> moving the stack in the middle means the biggest chunk they can mmap
> shrinks.
>

Special case?

I never said these weren't out there. But the point is, who runs
oracle? Your internal production server, maybe even a cluster, run it
now. Your desktops don't. Your web server exposed to the net
shouldn't. Both these are exactly where you *really* want this stuff:
desktops get exposed to the WWW (and IRC and AIM and God knows what
else), and web servers get exposed to the HTTP protocol (or ftp or
whatever).

Interesting, it's theoretically far less likely that an exploit occurs
on your server than on your desktop; and the special cases such as your
Oracle example aren't likely to be sharing a machine with your
promiscuous touching of everyone else on the Internet with a web browser
and IRC client, correct?

Can I get this put into perspective? How much more important is "Good"
randomization versus "not breaking Oracle," which becomes "No
randomization" (for Oracle anyway, not for everything else on a
well-designed system)? How much of an effect does "good" randomization
have on your web server and desktop machines versus on your internal,
isolated RDBMS server/cluster?

More pertainantly (believe it or not), do you even care to ponder these
questions, or is your next response going to be a stock response?

>
>

- --
All content of all messages exchanged herein are left in the
Public Domain, unless otherwise explicitly stated.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFB+Wx8hDd4aOud5P8RAuriAJ0WYcesi/o5lOZIJ++UG8WbDu3PMACeKaB5
/YjzHR2n0aRiUrxUrca1gkU=
=0/hv
-----END PGP SIGNATURE-----
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Linus Torvalds: "Re: i8042 access timings"
Previous message: Jirka Kosina: "Re: Patch 4/6 randomize the stack pointer"
In reply to: Arjan van de Ven: "Re: Patch 4/6 randomize the stack pointer"
Next in thread: Rik van Riel: "Re: Patch 4/6 randomize the stack pointer"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]