Date: Wed, 27 May 2015 20:00:02 -0400
From: Shawn Webb <shawn.webb@hardenedbsd.org>
To: Warner Losh <imp@bsdimp.com>
Cc: Pedro Giffuni <pfg@freebsd.org>, Alfred Perlstein <alfred@freebsd.org>, freebsd-arch@freebsd.org
Subject: Re: ASLR work into -HEAD ?
Message-ID: <2503264.OAH5YVL1Fd@shawnwebb-laptop>
In-Reply-To: <F01F2D02-33E5-4E37-ACE3-D6CFA9E814A3@bsdimp.com>
References: <555CADB6.202@FreeBSD.org> <1432743944.20023.12.camel@hardenedbsd.org> <F01F2D02-33E5-4E37-ACE3-D6CFA9E814A3@bsdimp.com>

On Wednesday, 27 May 2015 17:37:06 Warner Losh wrote:
> > On May 27, 2015, at 10:25 AM, Shawn Webb <shawn.webb@hardenedbsd.org>
> > wrote: Good. I'd rather focus on code rather than pointless politics.
>
> But then…
>
> > Our patch is more complex due to per-jail support and the various
> > weaknesses FreeBSD wanted us to add. HardenedBSD's implementation does
> > not contain those weaknesses.
>
> You’ll get more flies with honey than vinegar.
>
> And FreeBSD didn’t want you to do anything. Certain people wanted certain
> features or changes. Perhaps you could be more specific, since this kind of
> carping is totally unhelpful.

At the FreeBSD Developer Summit at EuroBSDCon 2014, Ed Maste said on behalf of
the FreeBSD Foundation that he (and by extension, the Foundation) would block
the ASLR patch from being merged into HEAD if we didn't provide a mechanism
for disabling ASLR as a non-root user on a per-binary basis.

I begrudgingly committed a first draft of the API on 26 Sep 2014 to our
upstreaming branch[1]. Further changes were made to clean up the
implementation a bit within a few days. This rather silly "feature" was
included in the next patch update to the review on Phabricator.

This, of course, is a vast weakness that can be easily abused. So we've made
sure not to have this in HardenedBSD. Want to debug an application with ASLR
turned off? Set the sysctl to turn it off. Or use secadm to disable ASLR for
that application. Usage of secadm requires root privileges and works on a
per-jail basis, just like our sysctls that control ASLR.

[1]:
https://github.com/HardenedBSD/hardenedBSD/commit/0e6726c5606c9055951bea44ff4a6fca8a79329c

-- 
Shawn Webb
HardenedBSD

GPG Key ID: 0x6A84658F52456EEE
GPG Key Fingerprint: 2ABA B6BD EF6A F486 BE89 3D9E 6A84 658F 5245 6EEE