Date: Wed, 25 Jan 2017 00:34:06 +0100 From: Domagoj Stolfa <domagoj.stolfa@gmail.com> To: Ed Maste <emaste@freebsd.org> Cc: FreeBSD Current <freebsd-current@freebsd.org> Subject: Re: ASLR Message-ID: <20170124233406.GA28386@freebsd> In-Reply-To: <CAPyFy2Ak6==qnk-_Fgtk4NP4kdqxbpcPghWHHEq86_eVG-JZ%2Bw@mail.gmail.com> References: <mailman.17311.1484765636.4388.freebsd-current@freebsd.org> <20170118225611.GA15647@ThinkPad-X200.local> <CAPyFy2Ak6==qnk-_Fgtk4NP4kdqxbpcPghWHHEq86_eVG-JZ%2Bw@mail.gmail.com>
index | next in thread | previous in thread | raw e-mail
[-- Attachment #1 --] Hello, > For better or worse the term ASLR is today in common use to refer to a > number of different approaches. Using what has become a generic term > allows the implementation to change in the future, without changing > the interface (e.g. sysctls, userland tools, etc.). If I'm not mistaken, ASR is the approach that was first taken by the PaX team in an attempt to randomize mmaps. It later evolved into ASLR, however I do agree that one should call this ASLR for compatibility reasons in the future. > I wish there was a concise, technical comparison of the approaches > implemented by different operating systems, but I've unfortunately not > found one. FWIW, ASLR is just a workaround and has it's weaknesses[1], but is a workaround I would like to see implemented in FreeBSD, be it ASLR or ASR, until a proper solution comes along. [1] https://www.blackhat.com/docs/asia-16/materials/asia-16-Marco-Gisbert-Exploiting-Linux-And-PaX-ASLRS-Weaknesses-On-32-And-64-Bit-Systems-wp.pdf -- Best regards, Domagoj Stolfa [-- Attachment #2 --] -----BEGIN PGP SIGNATURE----- iQEzBAEBCAAdFiEEHQB+y96lmmv+IXofwxT+ikb0YU4FAliH5GwACgkQwxT+ikb0 YU40XQgA1TZkbLeE2G86kM+ke/0B6DsWgvHMNXMljFOSdAF2OZs/sOyHgi5duiZb f+6giI6T2pxrySELQoIB4/jG/K4SSzhJP+pWNKLWXKwSHfRHE6ye/6Mw2uyWwAKo a21K/dXR8S5058fi6uZLZmzSX2vglBnBuo2BICBaXm0osseQBmtHb4zVJtfT9YRR Ra7qxXPUy54oaO/RHJH7YmtezpuoQLQU4l8rnhCTXLdL5iLO5zCSbnKPCqLjmhin q2ewsVyYY0EyQCXvhoKoXCXyN+trrQE4AsTX3PPiKitgr5M94/yFUnYblUgNXUSo lH5orvrY3UdnY0bvTEV3FQhIfInttw== =hHxk -----END PGP SIGNATURE-----help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20170124233406.GA28386>