grsecurity forums


https://forums.grsecurity.net./

IBM stack protector

https://forums.grsecurity.net./viewtopic.php?f=3&t=238

Page 1 of 1

IBM stack protector

PostPosted: Sun Dec 15, 2002 12:13 pm
by flamingice
Does the stack randomization features of grsecurity screw with IBM's stack protector? (probably a stupid question, but I'd like to know)

Re: IBM stack protector

PostPosted: Sun Dec 15, 2002 1:17 pm
by PaX Team
flamingice wrote:Does the stack randomization features of grsecurity screw with IBM's stack protector? (probably a stupid question, but I'd like to know)
they should not (i don't see what feature of propolice would need knowledge of absolute addresses). in fact, now that OpenBSD has included propolice and they also have stack randomization, you can be fairly sure it works fine.

PostPosted: Sun Dec 15, 2002 7:29 pm
by spender
I've compiled several of my apps with propolice, and have had no problems with it and PaX.

-Brad

PostPosted: Sun Dec 15, 2002 8:15 pm
by flamingice
I know they work together, I just wasn't sure that propolice would be effective with stack randomization on. (since propolice needs to put stuff in certain places, blah blah, don't know much about this stuff)

PostPosted: Mon Dec 16, 2002 8:31 am
by PaX Team
flamingice wrote:I know they work together, I just wasn't sure that propolice would be effective with stack randomization on. (since propolice needs to put stuff in certain places, blah blah, don't know much about this stuff)
what propolice does to the stack is that it reorganizes its layout (that is, each function's stack frame), this does not rely on absolute addresses therefore the global stack randomization (think of it as shifting, something that you would also get if you defined an environment variable of a random length for every task) that PaX does won't interfere with it.
All times are UTC - 5 hours [ DST ]
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/