On Wed, Sep 28, 2011 at 11:38:06PM +0200, Mike Hommey wrote:
> On Wed, Sep 28, 2011 at 10:52:15PM +0300, Riku Voipio wrote:
> > On Tue, Sep 27, 2011 at 06:01:54PM -0700, Kees Cook wrote:
> > > Just to be explicit, PIE tends to have small (<1%) performance hits on
> > > register-starved architectures (i386) in most cases, but for certain
> > > workloads (e.g. python) the hit is large (~15%). On architectures with
> > > plenty of registers (amd64) there's virtually no measurable performance
> > > hit that I've seen.
> > >
> > > If your package handles 3rd party data of any kind (renders, network
> > > daemons, file parsers, etc), I strongly recommend enabling PIE.
> >
> > However, on 32bit architectures address space randomizing (which is why
> > people try to sell PIE as a security feature) does not add much security.
> >
> > http://benpfaff.org/papers/asrandom.pdf
>
> Also note that as long as you can read memory in the process and have
> access to /proc/self/auxv, you can find the base address of all
> libraries.
The auxv file isn't readable after a uid transition, and if an attacker has
sufficient control over a process to read /proc/self, ASLR is already a
non-issue for that exploit. :)

That said, yes, plugging leaks of process memory locations is important when
defending against local attacks. Remote attacks will have many fewer
opportunities for finding memory location leaks.

-Kees

--
Kees Cook @debian.org

Archive: http://lists.debian.org/20111001174541.gr6...@outflux.net
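Added example, not part of the thread and not code from any of the posters: a small Linux/glibc program that reads /proc/self/auxv the way an in-process info leak would, pulls out the entries that give away load addresses (AT_BASE for ld.so, AT_PHDR/AT_ENTRY for the main executable, AT_SYSINFO_EHDR for the vDSO), recovers the executable's ASLR slide from them, and then reproduces the "not readable after a uid transition" effect. A real uid change is not possible unprivileged, so the example uses prctl(PR_SET_DUMPABLE, 0) as the stand-in: with the default fs.suid_dumpable=0 that is the same flag the kernel clears on a uid transition, and it is what turns the /proc/self files root-owned with mode 0400. The struct and function names (auxv_leak, read_proc_auxv, exe_load_bias_from_auxv, auxv_matches_loader, auxv_open_errno_when_nondumpable) are mine; build with `cc -fPIE -pie auxv_leak.c -o auxv_leak` to see a non-zero slide, and run it as a non-root user to see the EACCES.

```c
/* Added example (Linux/glibc assumed): what /proc/self/auxv leaks, and when
 * it stops being readable. Names below are the example's own. */
#define _GNU_SOURCE
#include <elf.h>
#include <errno.h>
#include <fcntl.h>
#include <link.h>        /* ElfW(), dl_iterate_phdr() */
#include <stdio.h>
#include <string.h>
#include <sys/auxv.h>    /* getauxval(), used only to cross-check the parse */
#include <sys/prctl.h>
#include <unistd.h>

/* The auxv entries that give away load addresses (struct is constructed here). */
struct auxv_leak {
    unsigned long at_base;          /* AT_BASE: where ld.so was mapped */
    unsigned long at_phdr;          /* AT_PHDR: program headers of the executable */
    unsigned long at_phnum;         /* AT_PHNUM: how many program headers */
    unsigned long at_entry;         /* AT_ENTRY: the executable's entry point */
    unsigned long at_sysinfo_ehdr;  /* AT_SYSINFO_EHDR: the vDSO mapping */
    unsigned long at_pagesz;        /* AT_PAGESZ */
};

/* Parse /proc/self/auxv, an AT_NULL-terminated array of {type, value} pairs.
 * Returns 0 on success or -errno (e.g. -EACCES when the file is unreadable). */
int read_proc_auxv(struct auxv_leak *out)
{
    memset(out, 0, sizeof *out);
    int fd = open("/proc/self/auxv", O_RDONLY | O_CLOEXEC);
    if (fd < 0)
        return -errno;
    ElfW(auxv_t) e;
    ssize_t n;
    while ((n = read(fd, &e, sizeof e)) == (ssize_t)sizeof e && e.a_type != AT_NULL) {
        switch (e.a_type) {
        case AT_BASE:         out->at_base = e.a_un.a_val; break;
        case AT_PHDR:         out->at_phdr = e.a_un.a_val; break;
        case AT_PHNUM:        out->at_phnum = e.a_un.a_val; break;
        case AT_ENTRY:        out->at_entry = e.a_un.a_val; break;
        case AT_SYSINFO_EHDR: out->at_sysinfo_ehdr = e.a_un.a_val; break;
        case AT_PAGESZ:       out->at_pagesz = e.a_un.a_val; break;
        default: break;
        }
    }
    int err = n < 0 ? -errno : 0;
    close(fd);
    return err;
}

/* Recover the executable's load bias the way ld.so does: AT_PHDR is the
 * run-time address of the program headers, PT_PHDR records their link-time
 * address, and the difference is the ASLR slide (0 for a non-PIE binary). */
unsigned long exe_load_bias_from_auxv(const struct auxv_leak *a)
{
    const ElfW(Phdr) *ph = (const ElfW(Phdr) *)a->at_phdr;
    for (unsigned long i = 0; i < a->at_phnum; i++)
        if (ph[i].p_type == PT_PHDR)
            return a->at_phdr - ph[i].p_vaddr;
    return 0;
}

static int first_object_cb(struct dl_phdr_info *info, size_t size, void *data)
{
    (void)size;
    *(unsigned long *)data = info->dlpi_addr;  /* first object is the executable */
    return 1;                                   /* non-zero stops the iteration */
}

/* 1 if the addresses read from /proc agree with getauxval() and the loader. */
int auxv_matches_loader(void)
{
    struct auxv_leak a;
    if (read_proc_auxv(&a) != 0)
        return 0;
    unsigned long bias = 0;
    dl_iterate_phdr(first_object_cb, &bias);
    return a.at_base == getauxval(AT_BASE)
        && a.at_phdr == getauxval(AT_PHDR)
        && a.at_pagesz == (unsigned long)sysconf(_SC_PAGESIZE)
        && exe_load_bias_from_auxv(&a) == bias;
}

/* Clear the dumpable flag (the kernel does the same on a uid transition with
 * fs.suid_dumpable=0), try to open our own auxv, restore the flag, and return
 * 0 on success or -errno. Unprivileged: -EACCES. Root: 0 via CAP_DAC_OVERRIDE. */
int auxv_open_errno_when_nondumpable(void)
{
    struct auxv_leak a;
    int saved = prctl(PR_GET_DUMPABLE);
    if (prctl(PR_SET_DUMPABLE, 0) != 0)
        return -errno;
    int err = read_proc_auxv(&a);
    prctl(PR_SET_DUMPABLE, saved != 0 ? 1 : 0);
    return err;
}

int main(void)
{
    struct auxv_leak a;
    int err = read_proc_auxv(&a);
    if (err) { fprintf(stderr, "auxv: %s\n", strerror(-err)); return 1; }
    printf("ld.so base        %#lx\n", a.at_base);
    printf("exe load bias     %#lx\n", exe_load_bias_from_auxv(&a));
    printf("exe entry         %#lx\n", a.at_entry);
    printf("vDSO              %#lx\n", a.at_sysinfo_ehdr);
    printf("loader agrees     %s\n", auxv_matches_loader() ? "yes" : "no");
    err = auxv_open_errno_when_nondumpable();
    printf("non-dumpable open %s\n", err ? strerror(-err) : "succeeded (privileged)");
    return 0;
}
```

Note that getauxval() still works after the file becomes unreadable: glibc copies the vector off the initial stack at startup, so the "leak" is the copy in the process's own memory, which is the point Kees makes about an attacker who can already read process memory.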