Security Basics mailing list archives
Re: Library address randomization
From: "kalgecin () gmail com" <kalgecin () gmail com>
Date: Fri, 23 Jan 2009 06:27:34 +0300
duno but "cat /proc/sys/kernel/randomize_va_space" should yield 1 for on and 0 for off. I may be wrong but never heard of 2 in there. try "echo 1 > /proc/sys/kernel/randomize_va_space" On 1/23/09, Ricardo Rolim <ricardorolim () hotmail com> wrote:
Hi there, Currently I'm using Fedora 10 and apparently I'm not getting any library address randomization for programs compiled as PIE. Whereas the binary itself, stack and heap are randomly getting their addresses changed from one execution to the next, the library stands still at a predictable location. Strangely enough I've got the expected result out of Ubuntu 8.10. This is how I'm checking: #include int main() { printf("printf: %p\n", printf); printf("main : %p\n", main); } [ricardo@localhost ~]$ cat /proc/sys/kernel/randomize_va_space 2 [ricardo@localhost ~]$ cat /proc/sys/kernel/exec-shield 1 [ricardo@localhost ~]$ gcc -fpie -pie -o dummy dummy.c [ricardo@localhost ~]$ ./dummy printf: 0x17c900 main : 0xb7f8851c [ricardo@localhost ~]$ ./dummy printf: 0x17c900 main : 0xb7f5051c Am I missing something? Thanks a lot :) _________________________________________________________________ Invite your mail contacts to join your friends list with Windows Live Spaces. It's easy! http://spaces.live.com/spacesapi.aspx?wx_action=create&wx_url=/friends.aspx&mkt=en-us
Current thread:
- Library address randomization Ricardo Rolim (Jan 22)
- Re: Library address randomization kalgecin () gmail com (Jan 23)
- Re: Library address randomization Chris McCulloh (Jan 23)