| 1 |
On 21 Nov 2007 at 12:49, Brian Kroth wrote: |
| 2 |
|
| 3 |
> Still sifting through the docs, so I apologize if these are answered elsewhere. |
| 4 |
> |
| 5 |
> - In the docs for ASLR it notes that a side effect is memory space |
| 6 |
> fragmentation. How is this dealt with, if at all? Perhaps this isn't as big |
| 7 |
> a problem as I think it is. |
| 8 |
|
| 9 |
uhm, what is there to deal with? ;-) you either want randomization or |
| 10 |
you don't... the side effect is what the doc says, the unmapped region |
| 11 |
sizes between the main areas are not fixed but change, i.e., they can |
| 12 |
be bigger or smaller than what a non-ASLR kernel creates. whether that |
| 13 |
helps a given app or not depends on the app of course. |
| 14 |
|
| 15 |
> - In the pspax output, under MAPS, is w^x meant to indicate that the process has |
| 16 |
> writable AND executable maps, or that it has writable but NOT executable maps? |
| 17 |
|
| 18 |
it means the app doesn't have writable AND executable mappings. |
| 19 |
|
| 20 |
> I presume the other output, w|x, (which I don't seem to have any of) is an OR, |
| 21 |
> meaning the process has maps that have both bits set, correct? |
| 22 |
|
| 23 |
correct (you can 'grep rwx /proc/pid/maps' to see them). |
| 24 |
|
| 25 |
> and ASLR would use RANDEXEC on ET_EXEC binaries, |
| 26 |
|
| 27 |
RANDEXEC (when it existed) was never enabled by default. |
| 28 |
|
| 29 |
> rather than RANDMMAP, but everything else should still work - correct? |
| 30 |
|
| 31 |
the only difference is that ET_EXEC executables won't be randomized. |
| 32 |
|
| 33 |
> Will the other two memory areas still be randomized where applicable? |
| 34 |
|
| 35 |
yes, RANDEXEC was an independent feature within ASLR. in fact, not only |
| 36 |
the stack/mmap regions will continue to be randomized but the brk based |
| 37 |
heap as well (albeit with less entropy by virtue of lacking the random |
| 38 |
bits that would come from the main executable base). |
| 39 |
|
| 40 |
> Do I need to just add RANDEXEC manually to my .config or is there some |
| 41 |
> special combo that hides it? |
| 42 |
|
| 43 |
no, i removed it from PaX some time ago as it became too hard to maintain |
| 44 |
in 2.6 for little if any gain. |
| 45 |
|
| 46 |
-- |
| 47 |
gentoo-hardened@g.o mailing list |
Archives