Security Basics mailing list archives

Library address randomization

From: Ricardo Rolim <ricardorolim () hotmail com>
Date: Fri, 23 Jan 2009 01:03:55 +0300


Hi there,

Currently I'm using Fedora 10 and apparently I'm not getting any library address randomization for programs compiled as 
PIE. Whereas the binary itself, stack and heap are randomly getting their addresses changed from one execution to the 
next, the library stands still at a predictable location. Strangely enough I've got the expected result out of Ubuntu 
8.10. This is how I'm checking:

        #include 

int main() {
        printf("printf: %p\n", printf);
        printf("main  : %p\n", main);
}

[ricardo@localhost ~]$ cat /proc/sys/kernel/randomize_va_space
2
[ricardo@localhost ~]$ cat /proc/sys/kernel/exec-shield
1
[ricardo@localhost ~]$ gcc -fpie -pie -o dummy dummy.c
[ricardo@localhost ~]$ ./dummy
printf: 0x17c900
main  : 0xb7f8851c
[ricardo@localhost ~]$ ./dummy
printf: 0x17c900
main  : 0xb7f5051c

Am I missing something? Thanks a lot :)         
_________________________________________________________________
Invite your mail contacts to join your friends list with Windows Live Spaces. It's easy!
http://spaces.live.com/spacesapi.aspx?wx_action=create&wx_url=/friends.aspx&mkt=en-us

Current thread:

Library address randomization Ricardo Rolim (Jan 22)
- Re: Library address randomization kalgecin () gmail com (Jan 23)
- Re: Library address randomization Chris McCulloh (Jan 23)