Date: Wed, 27 May 2015 20:00:02 -0400
From: Shawn Webb <shawn.webb@hardenedbsd.org>
To: Warner Losh <imp@bsdimp.com>
Cc: Pedro Giffuni <pfg@freebsd.org>, Alfred Perlstein <alfred@freebsd.org>, freebsd-arch@freebsd.org
Subject: Re: ASLR work into -HEAD ?
Message-ID: <2503264.OAH5YVL1Fd@shawnwebb-laptop>
In-Reply-To: <F01F2D02-33E5-4E37-ACE3-D6CFA9E814A3@bsdimp.com>
References: <555CADB6.202@FreeBSD.org> <1432743944.20023.12.camel@hardenedbsd.org> <F01F2D02-33E5-4E37-ACE3-D6CFA9E814A3@bsdimp.com>

On Wednesday, 27 May 2015 17:37:06 Warner Losh wrote:
> > On May 27, 2015, at 10:25 AM, Shawn Webb <shawn.webb@hardenedbsd.org>
> > wrote: Good. I'd rather focus on code rather than pointless politics.
>
> But then…
>
> > Our patch is more complex due to per-jail support and the various
> > weaknesses FreeBSD wanted us to add. HardenedBSD's implementation does
> > not contain those weaknesses.
>
> You’ll get more flies with honey than vinegar.
>
> And FreeBSD didn’t want you to do anything. Certain people wanted certain
> features or changes. Perhaps you could be more specific, since this kind of
> carping is totally unhelpful.

At the FreeBSD Developer Summit at EuroBSDCon 2014, Ed Maste said on behalf of the FreeBSD Foundation that he (and by extension, the Foundation) would block the ASLR patch from being merged into HEAD if we didn't provide a mechanism for disabling ASLR as a non-root user on a per-binary basis. I begrudgingly committed a first draft of the API on 26 Sep 2014 to our upstreaming branch[1]. Further changes were made to clean up the implementation a bit within a few days. This rather silly "feature" was included in the next patch update to the review on Phabricator.

This, of course, is a vast weakness that can be easily abused. So we've made sure not to have this in HardenedBSD. Want to debug an application with ASLR turned off? Set the sysctl to turn it off. Or use secadm to disable ASLR for that application. Usage of secadm requires root privileges and works on a per-jail basis, just like our sysctls that control ASLR.

[1]: https://github.com/HardenedBSD/hardenedBSD/commit/0e6726c5606c9055951bea44ff4a6fca8a79329c

-- 
Shawn Webb
HardenedBSD

GPG Key ID: 0x6A84658F52456EEE
GPG Key Fingerprint: 2ABA B6BD EF6A F486 BE89 3D9E 6A84 658F 5245 6EEE
