On Sat, 2007-01-20 at 17:37 +0300, Samium Gromoff wrote:
> This patch removes the dropping of ADDR_NO_RANDOMIZE upon execution of setuid
> binaries.
>
> Why? The answer consists of two parts:
>
> Firstly, there are valid applications which need an unadulterated memory map.
> Some of those which do their memory management, like lisp systems (like SBCL).
> They try to achieve this by setting ADDR_NO_RANDOMIZE and reexecuting themselves.
this is a ... funny way of achieving this
if an application for some reason wants some fixed address for a piece
of memory there are other ways to do that.... (but to some degree all
apps that can't take randomization broken; for example a glibc upgrade
on a system will also move the address space around by virtue of being
bigger or smaller etc etc)
> [1]. See the excellent, 'Hackers Hut' by Andries Brouwer, which describes
> how AS randomisation can be got around by the means of linux-gate.so.1
got a URL to this? If this is exploiting the fact that the vdso is at a
fixed spot... it's no longer the case since quite a while.
--
if you want to mail me at work (you don't), use arjan (at) linux.intel.com
Test the interaction between Linux and your BIOS via http://www.linuxfirmwarekit.org
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]
