On Thu, Mar 01, 2012 at 06:16:14PM +0100, Arno Töll wrote:
> On 01.03.2012 18:11, Arno Töll wrote:
> > The vanilla kernel itself has some ASLR protection as well,
> > although I think it is still not enabled by default in Debian (and
> > is perhaps
>                    ^^^^^^^^^^^^^^^^^^
>
> KiBi corrected me. It is, sorry.

FWIW, here's a quick way to see if stuff is running with ASLR. This will
show you what memory regions are _not_ being randomized:

$ diff -u <(cat /proc/self/maps) <(cat /proc/self/maps) | grep ^" "
 00400000-0040d000 r-xp 00000000 fb:00 17301639 /bin/cat
 0060d000-0060e000 r--p 0000d000 fb:00 17301639 /bin/cat
 0060e000-0060f000 rw-p 0000e000 fb:00 17301639 /bin/cat
 ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0 [vsyscall]

In this case, the sections for the "cat" ELF are not randomized because
"cat" wasn't built with PIE. And the vsyscall on amd64, but that's not
very important, and there are even patches coming to randomize that too,
so no worries there.

Some architectures do not have mmap ASLR, so in that case, all the
libraries will be in the same place too. (And any arch without mmap ASLR
also has no text (PIE) ASLR.)

-Kees

--
Kees Cook @debian.org

Archive: http://lists.debian.org/20120302055627.gw3...@outflux.net
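The same check as the diff trick above, written out as an added example (not code from the mail or from Debian): it parses two /proc/&lt;pid&gt;/maps snapshots and reports the mappings whose address range did not move, so it also works on the output of any process you capture, not just cat. The two snapshots below are constructed sample input modelled on the listing in the mail; check_live() runs the real thing on a Linux box.

```python
import subprocess
from typing import List, Tuple

# (address range, permissions, file offset, pathname)
Region = Tuple[str, str, str, str]


def parse_maps(text: str) -> List[Region]:
    """Parse /proc/<pid>/maps lines. Field layout: address perms offset dev inode [pathname]."""
    regions = []
    for line in text.splitlines():
        parts = line.split(None, 5)
        if len(parts) < 5:
            continue  # blank or malformed line
        path = parts[5].strip() if len(parts) == 6 else ""  # anonymous mappings have no path
        regions.append((parts[0], parts[1], parts[2], path))
    return regions


def unrandomized(maps_a: str, maps_b: str) -> List[Region]:
    """Regions at the identical address in both snapshots, i.e. what ASLR did not move:
    non-PIE text/data, the amd64 vsyscall page, or every mapping on an arch without mmap ASLR."""
    second = set(parse_maps(maps_b))
    return [r for r in parse_maps(maps_a) if r in second]


def check_live(binary: str = "cat") -> List[Region]:
    """Run the same binary twice on its own maps and compare, exactly as the shell one-liner does."""
    def snapshot() -> str:
        return subprocess.run([binary, "/proc/self/maps"], capture_output=True,
                              text=True, check=True).stdout
    return unrandomized(snapshot(), snapshot())


# Constructed snapshots: a non-PIE /bin/cat plus vsyscall stay put, libc and the stack move.
SAMPLE_A = """\
00400000-0040d000 r-xp 00000000 fb:00 17301639 /bin/cat
0060d000-0060e000 r--p 0000d000 fb:00 17301639 /bin/cat
7f1a2c000000-7f1a2c1b5000 r-xp 00000000 fb:00 393 /lib/x86_64-linux-gnu/libc.so.6
7fff5e9f0000-7fff5ea11000 rw-p 00000000 00:00 0 [stack]
ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0 [vsyscall]
"""
SAMPLE_B = """\
00400000-0040d000 r-xp 00000000 fb:00 17301639 /bin/cat
0060d000-0060e000 r--p 0000d000 fb:00 17301639 /bin/cat
7f3b10000000-7f3b101b5000 r-xp 00000000 fb:00 393 /lib/x86_64-linux-gnu/libc.so.6
7ffc01a00000-7ffc01a21000 rw-p 00000000 00:00 0 [stack]
ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0 [vsyscall]
"""
```

On a system with a PIE-built cat and a vsyscall-less kernel, check_live() returns an empty list; anything it does return is a mapping a local attacker could count on landing at a fixed address.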