At Sun, 21 Jan 2007 03:16:04 +0100,
Arjan van de Ven wrote:
> On Sat, 2007-01-20 at 17:37 +0300, Samium Gromoff wrote:
> > This patch removes the dropping of ADDR_NO_RANDOMIZE upon execution of setuid
> > binaries.
> >
> > Why? The answer consists of two parts:
> >
> > Firstly, there are valid applications which need an unadulterated memory map.
> > Some of those which do their memory management, like lisp systems (like SBCL).
> > They try to achieve this by setting ADDR_NO_RANDOMIZE and reexecuting themselves.
>
> this is a ... funny way of achieving this
>
> if an application for some reason wants some fixed address for a piece
> of memory there are other ways to do that.... (but to some degree all
> apps that can't take randomization broken; for example a glibc upgrade
> on a system will also move the address space around by virtue of being
> bigger or smaller etc etc)
> > [1]. See the excellent, 'Hackers Hut' by Andries Brouwer, which describes
> > how AS randomisation can be got around by the means of linux-gate.so.1
>
> got a URL to this? If this is exploiting the fact that the vdso is at a
> fixed spot... it's no longer the case since quite a while.
hmm, it seems to rely on that, yes:
http://www.win.tue.nl/~aeb/linux/hhh/hh-9.html#ss9.6
> --
> if you want to mail me at work (you don't), use arjan (at) linux.intel.com
> Test the interaction between Linux and your BIOS via http://www.linuxfirmwarekit.org
regards, Samium Gromoff
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]