Date: Sun, 4 Dec 2011 15:31:45 +0100
From: Jilles Tjoelker
To: Mikolaj Golub
Cc: Kostik Belousov, freebsd-hackers@freebsd.org, Robert Watson
Subject: Re: "ps -e" without procfs(5)
Message-ID: <20111204143145.GA44832@stack.nl>

On Sat, Oct 29, 2011 at 01:32:39PM +0300, Mikolaj Golub wrote:
> [KERN_PROC_AUXV requires just p_cansee()]

If we are ever going to do ASLR, the AUXV information tells an attacker where the stack, executable and RTLD are located, which defeats much of the point of randomizing the addresses in the first place.

Given that the AUXV information seems to be used by debuggers only anyway, I think it would be good to move it to p_candebug() now. The full virtual memory maps (KERN_PROC_VMMAP, procstat -v) are already under p_candebug().

-- 
Jilles Tjoelker
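
The concern in the message above, as an added example (not part of the original message and not FreeBSD's code): C code that walks an auxiliary vector and reports which memory regions its entries disclose. The tag numbers follow FreeBSD's <sys/elf_common.h>; struct auxent, the LEAK_* flags, the function names and the sample vectors are assumptions constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Auxiliary-vector tag numbers, as in FreeBSD's <sys/elf_common.h>. */
enum { AT_NULL = 0, AT_PHDR = 3, AT_PAGESZ = 6, AT_BASE = 7, AT_ENTRY = 9,
       AT_EXECPATH = 15, AT_CANARY = 16, AT_PAGESIZES = 20 };

/* Hypothetical stand-in for Elf_Auxinfo: a tag and a pointer-sized value. */
struct auxent { long type; uint64_t val; };

/* Regions whose address an entry gives away (flags are illustrative). */
enum { LEAK_EXEC = 1, LEAK_RTLD = 2, LEAK_STACK = 4 };

static int leak_of(long type)
{
    switch (type) {
    case AT_PHDR: case AT_ENTRY:      /* pointers into the executable image */
        return LEAK_EXEC;
    case AT_BASE:                     /* load address of the runtime linker */
        return LEAK_RTLD;
    case AT_EXECPATH: case AT_CANARY: case AT_PAGESIZES:
        return LEAK_STACK;            /* pointers to data copied out near the stack top */
    default:
        return 0;                     /* e.g. AT_PAGESZ holds a size, not an address */
    }
}

/* Walk at most n entries, stopping at AT_NULL; return the combined leak mask. */
int auxv_layout_leaks(const struct auxent *av, size_t n)
{
    int mask = 0;
    for (size_t i = 0; i < n && av[i].type != AT_NULL; i++)
        if (av[i].val != 0)           /* a zero value carries no address */
            mask |= leak_of(av[i].type);
    return mask;
}

/* Constructed sample vectors; every address here is made up. */
static const struct auxent sample_dynamic[] = {
    { AT_PHDR, 0x400040 }, { AT_PAGESZ, 4096 }, { AT_BASE, 0x800600000 },
    { AT_ENTRY, 0x4005a0 }, { AT_EXECPATH, 0x7fffffffefc0 }, { AT_NULL, 0 } };
static const struct auxent sample_static[] = {
    { AT_PHDR, 0x400040 }, { AT_BASE, 0 }, { AT_ENTRY, 0x4001b0 }, { AT_NULL, 0 } };

int main(void)
{
    printf("dynamic: 0x%x\n", auxv_layout_leaks(sample_dynamic, 6));
    printf("static:  0x%x\n", auxv_layout_leaks(sample_static, 4));
    return 0;
}
```

A caller that passes only p_cansee() and receives the dynamic sample learns all three regions, which is the information the full VM map already withholds behind p_candebug().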