On 2018-02-14 00:36, Andreas Schiffler wrote: > On 2/13/2018 11:17 PM, Thomas Wolff wrote: >> Am 14.02.2018 um 04:25 schrieb Brian Inglis: >>> On 2018-02-12 21:58, Andreas Schiffler wrote: >>>> Found the workaround (read: not really a solution as it leaves the system >>>> vulnerable, but it unblocks cygwin) >>>> - Go to Windows Defender Security Center - Exploit protection settings >>>> - Disable System Settings - Force randomization for images (Mandatory >>>> ASLR) and >>>> Randomize memory allocations (Bottom-up ASLR) from "On by default" to "Off >>>> by >>>> default" >>>> >>>> Now setup.exe works and can rebase everything; after that Cygwin Terminal >>>> starts as a working shell without problems.
>>>> @cygwin dev's - It seems one of the windows updates (system is on 1709 >>>> build >>>> 16299.214) might have changed my ASLR settings to "system wide mandatory" >>>> (i.e. >>>> see >>>> https://blogs.technet.microsoft.com/srd/2017/11/21/clarifying-the-behavior-of-mandatory-aslr/ >>>> for info) so that the cygwin DLLs don't work correctly anymore (i.e. see >>>> old >>>> thread about this topic here >>>> https://www.cygwin.com/ml/cygwin/2013-06/msg00092.html). >>>> It would be good to devize a test for the setup.exe that >>>> checks the registry (likely >>>> [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session >>>> Manager\kernel]) >>>> for this state and alerts the user. >>> I'm on W10 Home 1709/16299.192 (slightly older). >>> Under Windows Defender Security Center/App & browser control/Exploit >>> protection/Exploit protection settings/System settings/Force randomization >>> for >>> images (Mandatory ASLR) - "Force relocation of images not compiled with >>> /DYNAMICBASE" is "Off by default", whereas Randomize memory allocations >>> (Bottom-up ASLR) - "Randomize locations for virtual memory allocations." >>> and all >>> other settings are "On by default". >>> Under Windows Defender Security Center/App & browser control/Exploit >>> protection/Exploit protection settings/Program settings various .exes have >>> 0-2 >>> system overrides of settings. >>> It would be nice if one of the project volunteers with Windows threat >>> mitigation >>> knowledge could look at these, to see if there is a better approach. >> I guess Andreas' suggestion is confirmed by >> https://github.com/mintty/wsltty/issues/6#issuecomment-361281467 > Here is the registry state: > Mandatory ASLR off > Windows Registry Editor Version 5.00 > [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\kernel] > "MitigationOptions"=hex:00,02,22,00,00,00,00,00,00,00,00,00,00,00,00,00 > Mandatory ASLR on > Windows Registry Editor Version 5.00 > [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\kernel] > "MitigationOptions"=hex:00,01,21,00,00,00,00,00,00,00,00,00,00,00,00,00 Could setup be updated to reset Mandatory ASLR if the reg keys exist, or an /etc/postinstall/[0z]p_disable_mandatory_aslr.sh script do a check and reset? -- Take care. Thanks, Brian Inglis, Calgary, Alberta, Canada -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
