Vulnerability Development mailing list archives
Re: Beating memory address randomization (secuirty) features in Unix/Linux
From: "Mike Davis" <mdavis () imperfectnetworks com>
Date: Mon, 3 Apr 2006 15:56:58 -0400
wouldnt this also apply to the propolice stack ramdomization as well? not just pax
-phar----- Original Message ----- From: "Don Bailey" <don.bailey () gmail com>
To: <vuln-dev () securityfocus com> Sent: Monday, April 03, 2006 2:09 PMSubject: Re: Beating memory address randomization (secuirty) features in Unix/Linux
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1I believe they're talking about distros WITH RANDOMIZATION IE PAX enabled.Obviously. My point is that the original poster didn't seem to be concerned with more advanced issues, like PaX. Rather, they just wanted to learn how to evade the basic stack base randomization code employed on many popular Linux distros. Let them worry about things like PaX later. Also, tell me how often is PaX/grsec employed? Clearly, not often. Distros aren't even interested in deploying it as much as they are interested in the new vanilla kernel way of integrating security into the core code. That code still has a long way to go. Don "north" Bailey -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.0.5 (Build 5050) iQA/AwUBRDFk8l/Ie1ANMtLuEQK9+ACfbxWb4zSGmebcNduqXtqPyBk3PGAAoMJR rdo4rvXNExT1UBj3OnF8P/EE =iFTb -----END PGP SIGNATURE-----
Current thread:
- Re: Beating memory address randomization (secuirty) features in Unix/Linux sean (Apr 03)
- Re: Beating memory address randomization (secuirty) features in Unix/Linux Don Bailey (Apr 03)
- Re: Beating memory address randomization (secuirty) features in Unix/Linux Mike Davis (Apr 03)
- <Possible follow-ups>
- Re: Beating memory address randomization (secuirty) features in Unix/Linux Andrea Purificato - bunker (Apr 03)
- Re: Beating memory address randomization (secuirty) features in Unix/Linux Don Bailey (Apr 03)