Re: "Advances in Security" in the Linux Kernel and RedHat idiocy

[Arjan van de Ven <arjanv () redhat com>]

On Thu, Jan 27, 2005 at 11:10:43AM -0500, Brad Spengler wrote:
> Just wanted to point out to you guys the INCREDIBLE advances in Linux 
> security underway on LKML from security expert Arjan van de Ven:
>
> http://lkml.org/lkml/2005/1/27/62
>
> On the subject of his i386-only mmap randomization patch:
>
> The randomisation range is 1 megabyte (this is bigger than the stack
> randomisation since the stack randomisation only needs 16 bytes alignment
> while the mmap needs page alignment, a 64kb range would not have given
> enough entropy to be effective)
>
> If we do a little math..
> 1048576 / 4096 = 256
> 65536 / 16 = 4096
>
> 256 different locations for the mmap base, 4096 different locations for 
> the stack (and apparently argv/envp pages get no randomization)
>
> Anyone with half a brain would see this is a joke, but not security 
> expert Arjan van de Ven:

I think the joke is on you in this case. There is a large patch series of
which you judge the first steps only. Those steps introduce the
infrastructure and concepts into the kernel, and later patches will tweak
the exact numbers to values with more entropy. ONCE THEY EXISTING
INFRASTRUCTURE IS ACCEPTED AND DEBUGGED.

Maybe you don't understand that, I assume a lot of the other readers of this
list do. You don't plop a huge patch in the linux kernel in one chunk. You
do it in nice small, incremental and debuggable steps.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html