PIE randomization being discussed on LKML

Discuss and suggest new grsecurity features

PIE randomization being discussed on LKML

Postby zakalwe » Fri May 11, 2007 10:42 pm

How does the PAX implementation differ from what is being proposed here?

http://marc.info/?l=linux-kernel&m=117888696419153&w=2

Maybe the PAX team should chime in and save some people alot of work?
zakalwe
 
Posts: 22
Joined: Mon Jul 10, 2006 9:40 am

Re: PIE randomization being discussed on LKML

Postby PaX Team » Wed May 16, 2007 5:13 pm

zakalwe wrote:How does the PAX implementation differ from what is being proposed here?
http://marc.info/?l=linux-kernel&m=117888696419153&w=2
that PaX actually works? ;-) more seriously, the proper approach is what PaX does, that is, randomize the main executable around the (arch specific) normal executable base address, instead of as a regular mmap mapping.
Maybe the PAX team should chime in and save some people alot of work?
i actually talked to a SuSE security guy many months ago and suggested to just take the PaX bits, instead of cooking up their own, but to no avail apparently. other than that, i can't send email to lkml since last june or so (some spam filtering stuff i think, but both mail admins ignored my requests to resolve the problem), nor does Linus take anonymous contributions anymore.
PaX Team
 
Posts: 2310
Joined: Mon Mar 18, 2002 4:35 pm


Return to grsecurity development

cron