From owner-freebsd-security@FreeBSD.ORG Mon May 26 01:54:44 2014 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id BA322FCC; Mon, 26 May 2014 01:54:44 +0000 (UTC) Received: from vps1.elischer.org (vps1.elischer.org [204.109.63.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "vps1.elischer.org", Issuer "CA Cert Signing Authority" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 858642735; Mon, 26 May 2014 01:54:44 +0000 (UTC) Received: from jre-mbp.elischer.org (ppp121-45-232-70.lns20.per1.internode.on.net [121.45.232.70]) (authenticated bits=0) by vps1.elischer.org (8.14.8/8.14.8) with ESMTP id s4Q1sTEf081233 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO); Sun, 25 May 2014 18:54:32 -0700 (PDT) (envelope-from julian@freebsd.org) Message-ID: <53829ED0.7010105@freebsd.org> Date: Mon, 26 May 2014 09:54:24 +0800 From: Julian Elischer User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:24.0) Gecko/20100101 Thunderbird/24.5.0 MIME-Version: 1.0 To: David Chisnall , Oliver Pinter Subject: Re: [CFT] ASLR, PIE, and segvguard on 11-current and 10-stable References: <20140514135852.GC3063@pwnie.vrt.sourcefire.com> <86a9a56ac6.fsf@nine.des.no> <86wqd94nk6.fsf@nine.des.no> <38F830B6-4B52-4372-9BC6-565B2387720F@FreeBSD.org> In-Reply-To: <38F830B6-4B52-4372-9BC6-565B2387720F@FreeBSD.org> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 8bit Cc: freebsd-stable@freebsd.org, dim@freebsd.org, Shawn Webb , freebsd-security@freebsd.org, freebsd-current@freebsd.org, =?ISO-8859-1?Q?Dag-Erling_Sm=F8rgrav?= X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 26 May 2014 01:54:44 -0000 On 5/26/14, 5:18 AM, David Chisnall wrote: > On 25 May 2014, at 21:31, Oliver Pinter wrote: > >> On 5/25/14, Dag-Erling Smørgrav wrote: >>> Oliver Pinter writes: >>>> pax_log will be in future a generic pax related logging framework, >>>> with ratelimiting and other features. It will log user, IP, binary >>>> name, path, checksum, and others. >>> What are you using this for? Are you sure you can't use ktrace? It's a >>> lot more flexible and powerful than you probably realize. >> Logging to system log, The feature will similar to this in grsecurity: >> http://en.wikibooks.org/wiki/Grsecurity/Appendix/Grsecurity_and_PaX_Configuration_Options#Kernel_Auditing > It sounds like you actually want to be writing audit events then. See audit(4). yeah I think the point is not "use ktrace" but "use and/or possibly extend one of the several already existing methods". we don't need *another* logging facility. > > David > > _______________________________________________ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org" > >