Re: W10 Mandatory ASLR default

2018-02-18 Thread Brian Inglis
On 2018-02-18 13:07, Achim Gratz wrote: > Brian Inglis writes: >> Could setup be updated to reset Mandatory ASLR if the reg keys exist, or an >> /etc/postinstall/[0z]p_disable_mandatory_aslr.sh script do a check and reset? > > Both methods would likely be considered hostile by those who are most >

Re: W10 Mandatory ASLR default

2018-02-18 Thread Achim Gratz
Brian Inglis writes: > Could setup be updated to reset Mandatory ASLR if the reg keys exist, or an > /etc/postinstall/[0z]p_disable_mandatory_aslr.sh script do a check and reset? Both methods would likely be considered hostile by those who are most likely set these keys and in fact I'd expect them

Re: W10 Mandatory ASLR default

2018-02-18 Thread Andreas Schiffler
I'd say add a check and post a warning would the best solution. A setup script shouldn't modify a users security setup, and even if the script were to reset the settings they wouldn't be active until after a reboot. On 2/15/2018 10:41 PM, Brian Inglis wrote: On 2018-02-14 00:36, Andreas Schi

Re: W10 Mandatory ASLR default

2018-02-15 Thread Brian Inglis
On 2018-02-14 00:36, Andreas Schiffler wrote: > On 2/13/2018 11:17 PM, Thomas Wolff wrote: >> Am 14.02.2018 um 04:25 schrieb Brian Inglis: >>> On 2018-02-12 21:58, Andreas Schiffler wrote: Found the workaround (read: not really a solution as it leaves the system vulnerable, but it unblock

Re: W10 Mandatory ASLR default

2018-02-13 Thread Andreas Schiffler
Here is the registry state: Mandatory ASLR off Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\kernel] "MitigationOptions"=hex:00,02,22,00,00,00,00,00,00,00,00,00,00,00,00,00 Mandatory ASLR on Windows Registry Editor Version 5.00 [HK

Re: W10 Mandatory ASLR default

2018-02-13 Thread Thomas Wolff
Am 14.02.2018 um 04:25 schrieb Brian Inglis: On 2018-02-12 21:58, Andreas Schiffler wrote: Found the workaround (read: not really a solution as it leaves the system vulnerable, but it unblocks cygwin) - Go to Windows Defender Security Center - Exploit protection settings - Disable System Setting

Re: W10 Mandatory ASLR default (was: cygwin stopped working)

2018-02-13 Thread Brian Inglis
On 2018-02-12 21:58, Andreas Schiffler wrote: > Found the workaround (read: not really a solution as it leaves the system > vulnerable, but it unblocks cygwin) > - Go to Windows Defender Security Center - Exploit protection settings > - Disable System Settings - Force randomization for images (Mand