1 |
Hi! |
2 |
|
3 |
On Mon, Nov 14, 2005 at 03:45:48PM +0300, Vladimir Solomatin wrote: |
4 |
> ô.Å. Õ ÔÅÂÑ × hardened ÐÒÏÂÌÅÍ Ó X'ÍÉ É Java ÎÅÔ? åÓÌÉ ÞÔÏ-ÎÉÂÕÄØ, ÏÔ |
5 |
> ÞÅÇÏ ÐÒÉÛÌÏÓØ ÏÔËÁÚÁÔØÓÑ ÉÚ-ÚÁ hardened? |
6 |
|
7 |
îÅÔ. |
8 |
|
9 |
> ÏÔÓÕÔÓÔ×ÉÅ ÆÌÁÇÏ× +pie +ssp, ÎÁÌÉÞÉÉ -nopie -nossp |
10 |
> ÍÏÖÅÔ ÂÙÔØ ÜÔÏ × ÐÏÒÑÄËÅ ×ÅÝÅÊ. |
11 |
|
12 |
ñ ÔÁË ÐÏÎÉÍÁÀ ÞÔÏ ÆÌÁÇÉ -nopie É -nossp ÐÏÚ×ÏÌÑÀÔ ÓÏÂÒÁÔØ gcc ÏÔËÌÀÞÉ× ÜÔÉ ÆÉÞÉ. |
13 |
|
14 |
> paxtest.log ÄÏ ×ËÌÀÞÅÎÉÑ É ÎÁÓÔÒÏÊËÉ PaX É Grsecurity × ÑÄÒÅ |
15 |
> (Grsecurity ÎÁ×ÅÒÎÏÅ ÚÄÅÓØ ÒÏÌÉ ÎÅ ÉÇÒÁÅÔ) ×ÓÅ ÐÁËÅÔÙ ÓËÏÍÐÉÌÉÎÙ gcc Ó |
16 |
> +pie +ssp: |
17 |
> |
18 |
> --------------------------paxtest.log-------------------------- |
19 |
> Executable anonymous mapping : Vulnerable |
20 |
> Executable bss : Vulnerable |
21 |
> Executable data : Vulnerable |
22 |
> Executable heap : Vulnerable |
23 |
> Executable stack : Vulnerable |
24 |
> Executable anonymous mapping (mprotect) : Vulnerable |
25 |
> Executable bss (mprotect) : Vulnerable |
26 |
> Executable data (mprotect) : Vulnerable |
27 |
> Executable heap (mprotect) : Vulnerable |
28 |
> Executable stack (mprotect) : Vulnerable |
29 |
> Executable shared library bss (mprotect) : Vulnerable |
30 |
> Executable shared library data (mprotect): Vulnerable |
31 |
> Writable text segments : Vulnerable |
32 |
> Anonymous mapping randomisation test : No randomisation |
33 |
> Heap randomisation test (ET_EXEC) : No randomisation |
34 |
> Heap randomisation test (ET_DYN) : No randomisation |
35 |
> Main executable randomisation (ET_EXEC) : No randomisation |
36 |
> Main executable randomisation (ET_DYN) : No randomisation |
37 |
> Shared library randomisation test : No randomisation |
38 |
> Stack randomisation test (SEGMEXEC) : No randomisation |
39 |
> Stack randomisation test (PAGEEXEC) : No randomisation |
40 |
> Return to function (strcpy) : Vulnerable |
41 |
> Return to function (memcpy) : Vulnerable |
42 |
> Return to function (strcpy, RANDEXEC) : Vulnerable |
43 |
> Return to function (memcpy, RANDEXEC) : Vulnerable |
44 |
> Executable shared library bss : Killed |
45 |
> Executable shared library data : Killed |
46 |
> ---------------------------------------------------------------- |
47 |
> |
48 |
> ëÁË ÜÔÏ ×ÙÇÌÑÄÉÔ ÐÏÓÌÅ ÎÁÓÔÒÏÊËÉ PaX? |
49 |
|
50 |
Executable anonymous mapping : Killed |
51 |
Executable bss : Killed |
52 |
Executable data : Killed |
53 |
Executable heap : Killed |
54 |
Executable stack : Killed |
55 |
Executable anonymous mapping (mprotect) : Killed |
56 |
Executable bss (mprotect) : Killed |
57 |
Executable data (mprotect) : Killed |
58 |
Executable heap (mprotect) : Killed |
59 |
Executable stack (mprotect) : Killed |
60 |
Executable shared library bss (mprotect) : Killed |
61 |
Executable shared library data (mprotect): Killed |
62 |
Writable text segments : Killed |
63 |
Anonymous mapping randomisation test : 15 bits (guessed) |
64 |
Heap randomisation test (ET_EXEC) : 13 bits (guessed) |
65 |
Heap randomisation test (ET_DYN) : 23 bits (guessed) |
66 |
Main executable randomisation (ET_EXEC) : No randomisation |
67 |
Main executable randomisation (ET_DYN) : 15 bits (guessed) |
68 |
Shared library randomisation test : 15 bits (guessed) |
69 |
Stack randomisation test (SEGMEXEC) : 23 bits (guessed) |
70 |
Stack randomisation test (PAGEEXEC) : 24 bits (guessed) |
71 |
Return to function (strcpy) : Vulnerable |
72 |
Return to function (memcpy) : Vulnerable |
73 |
Return to function (strcpy, RANDEXEC) : Vulnerable |
74 |
Return to function (memcpy, RANDEXEC) : Vulnerable |
75 |
Executable shared library bss : Killed |
76 |
Executable shared library data : Killed |
77 |
|
78 |
þÔÏ ÎÕÖÎÏ ÅÝ£ ×ËÌÀÞÉÔØ ÞÔÏÂÙ "Return to function" ÔÏÖÅ ÂÙÌÉ ÚÁÝÉÝÅÎÙ Ñ ÐÏËÁ |
79 |
ÎÅ ÒÁÚÂÉÒÁÌÓÑ - ×ÒÅÍÅÎÉ ÎÅÔ. |
80 |
|
81 |
-- |
82 |
WBR, Alex. |
83 |
-- |
84 |
gentoo-user-ru@g.o mailing list |