Security Basics mailing list archives
Library address randomization
From: Ricardo Rolim <ricardorolim () hotmail com>
Date: Fri, 23 Jan 2009 01:03:55 +0300
Hi there, Currently I'm using Fedora 10 and apparently I'm not getting any library address randomization for programs compiled as PIE. Whereas the binary itself, stack and heap are randomly getting their addresses changed from one execution to the next, the library stands still at a predictable location. Strangely enough I've got the expected result out of Ubuntu 8.10. This is how I'm checking: #include int main() { printf("printf: %p\n", printf); printf("main : %p\n", main); } [ricardo@localhost ~]$ cat /proc/sys/kernel/randomize_va_space 2 [ricardo@localhost ~]$ cat /proc/sys/kernel/exec-shield 1 [ricardo@localhost ~]$ gcc -fpie -pie -o dummy dummy.c [ricardo@localhost ~]$ ./dummy printf: 0x17c900 main : 0xb7f8851c [ricardo@localhost ~]$ ./dummy printf: 0x17c900 main : 0xb7f5051c Am I missing something? Thanks a lot :) _________________________________________________________________ Invite your mail contacts to join your friends list with Windows Live Spaces. It's easy! http://spaces.live.com/spacesapi.aspx?wx_action=create&wx_url=/friends.aspx&mkt=en-us
Current thread:
- Library address randomization Ricardo Rolim (Jan 22)
- Re: Library address randomization kalgecin () gmail com (Jan 23)
- Re: Library address randomization Chris McCulloh (Jan 23)