At Sun, 21 Jan 2007 03:16:04 +0100, Arjan van de Ven wrote: > On Sat, 2007-01-20 at 17:37 +0300, Samium Gromoff wrote: > > This patch removes the dropping of ADDR_NO_RANDOMIZE upon execution of > > setuid > > binaries. > > > > Why? The answer consists of two parts: > > > > Firstly, there are valid applications which need an unadulterated memory > > map. > > Some of those which do their memory management, like lisp systems (like > > SBCL). > > They try to achieve this by setting ADDR_NO_RANDOMIZE and reexecuting > > themselves. > > this is a ... funny way of achieving this > > if an application for some reason wants some fixed address for a piece > of memory there are other ways to do that.... (but to some degree all > apps that can't take randomization broken; for example a glibc upgrade > on a system will also move the address space around by virtue of being > bigger or smaller etc etc) > > [1]. See the excellent, 'Hackers Hut' by Andries Brouwer, which describes > > how AS randomisation can be got around by the means of linux-gate.so.1 > > got a URL to this? If this is exploiting the fact that the vdso is at a > fixed spot... it's no longer the case since quite a while.
hmm, it seems to rely on that, yes: http://www.win.tue.nl/~aeb/linux/hhh/hh-9.html#ss9.6 > -- > if you want to mail me at work (you don't), use arjan (at) linux.intel.com > Test the interaction between Linux and your BIOS via > http://www.linuxfirmwarekit.org regards, Samium Gromoff - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/