Date: Mon, 26 May 2014 09:54:24 +0800 From: Julian Elischer <julian@freebsd.org> To: David Chisnall <theraven@FreeBSD.org>, Oliver Pinter <oliver.pntr@gmail.com> Cc: freebsd-stable@freebsd.org, dim@freebsd.org, Shawn Webb <lattera@gmail.com>, freebsd-security@freebsd.org, freebsd-current@freebsd.org, =?ISO-8859-1?Q?Dag-Erling_Sm=F8rgrav?= <des@des.no> Subject: Re: [CFT] ASLR, PIE, and segvguard on 11-current and 10-stable Message-ID: <53829ED0.7010105@freebsd.org> In-Reply-To: <38F830B6-4B52-4372-9BC6-565B2387720F@FreeBSD.org> References: <20140514135852.GC3063@pwnie.vrt.sourcefire.com> <CAPjTQNG9pGLbDF7a8b%2B9s_NRD3Rq-sLnj7AXczjB=Ko_S44C3A@mail.gmail.com> <86a9a56ac6.fsf@nine.des.no> <CAPjTQNE6V%2BMAMg4KODVhLckq9p=kpKZPmSK=LEtQkcfZqVi7SA@mail.gmail.com> <86wqd94nk6.fsf@nine.des.no> <CAPjTQNFrkmaXY_TcJBjDa8tUJOY4nPD%2BiPVwk0Z0rpWHK8UeKQ@mail.gmail.com> <38F830B6-4B52-4372-9BC6-565B2387720F@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 5/26/14, 5:18 AM, David Chisnall wrote: > On 25 May 2014, at 21:31, Oliver Pinter <oliver.pntr@gmail.com> wrote: > >> On 5/25/14, Dag-Erling Smørgrav <des@des.no> wrote: >>> Oliver Pinter <oliver.pntr@gmail.com> writes: >>>> pax_log will be in future a generic pax related logging framework, >>>> with ratelimiting and other features. It will log user, IP, binary >>>> name, path, checksum, and others. >>> What are you using this for? Are you sure you can't use ktrace? It's a >>> lot more flexible and powerful than you probably realize. >> Logging to system log, The feature will similar to this in grsecurity: >> http://en.wikibooks.org/wiki/Grsecurity/Appendix/Grsecurity_and_PaX_Configuration_Options#Kernel_Auditing > It sounds like you actually want to be writing audit events then. See audit(4). yeah I think the point is not "use ktrace" but "use and/or possibly extend one of the several already existing methods". we don't need *another* logging facility. > > David > > _______________________________________________ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org" > >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?53829ED0.7010105>