From owner-freebsd-security Sat Dec 1 8:59:59 2001 Delivered-To: freebsd-security@freebsd.org Received: from point.osg.gov.bc.ca (point.osg.gov.bc.ca [142.32.102.44]) by hub.freebsd.org (Postfix) with ESMTP id 9B20C37B405; Sat, 1 Dec 2001 08:59:56 -0800 (PST) Received: (from daemon@localhost) by point.osg.gov.bc.ca (8.8.7/8.8.8) id IAA17706; Sat, 1 Dec 2001 08:59:16 -0800 Received: from passer.osg.gov.bc.ca(142.32.110.29) via SMTP by point.osg.gov.bc.ca, id smtpda17703; Sat Dec 1 08:59:07 2001 Received: (from uucp@localhost) by passer.osg.gov.bc.ca (8.11.6/8.9.1) id fB1Gx2p75407; Sat, 1 Dec 2001 08:59:02 -0800 (PST) Received: from UNKNOWN(10.1.2.1), claiming to be "cwsys.cwsent.com" via SMTP by passer9.cwsent.com, id smtpdY75404; Sat Dec 1 08:58:40 2001 Received: (from uucp@localhost) by cwsys.cwsent.com (8.11.6/8.9.1) id fB1Gwep07621; Sat, 1 Dec 2001 08:58:40 -0800 (PST) Message-Id: <200112011658.fB1Gwep07621@cwsys.cwsent.com> Received: from localhost.cwsent.com(127.0.0.1), claiming to be "cwsys" via SMTP by localhost.cwsent.com, id smtpdKa7610; Sat Dec 1 08:57:59 2001 X-Mailer: exmh version 2.5 07/13/2001 with nmh-1.0.4 Reply-To: Cy Schubert - ITSD Open Systems Group From: Cy Schubert - ITSD Open Systems Group X-Sender: schubert To: Brett Glass Cc: phk@FreeBSD.ORG, security@FreeBSD.ORG Subject: Re: philosophical question... In-reply-to: Your message of "Sat, 01 Dec 2001 09:42:14 MST." <200112011642.JAA09819@lariat.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Sat, 01 Dec 2001 08:57:59 -0800 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org In message <200112011642.JAA09819@lariat.org>, Brett Glass writes: > > Would it inconvenience debugging that malloc(3) becomes non > > deterministic in its layout ? > > > Would the increased uncertainty on program run-time be > > good or bad ? > > It could make reproduction of problems more difficult. So, if > it goes in, I'd like a switch to turn it off.... Maybe a > sysctl. > > But there's a more serious philosophical issue here. Isn't > shuffling the heap to avoid attacks really a form of > "security via obscurity?" Defence through depth. Every little bit helps. I think we should do this. I suppose we could have a malloc.conf bit to turn this feature off (on by default). Regards, Phone: (250)387-8437 Cy Schubert Fax: (250)387-5766 Team Leader, Sun/Alpha Team Email: Cy.Schubert@osg.gov.bc.ca Open Systems Group, ITSD Ministry of Management Services Province of BC To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message