From owner-freebsd-security  Sat Dec  1  9:31:43 2001
Delivered-To: freebsd-security@freebsd.org
Received: from oxmail.ox.ac.uk (oxmail3.ox.ac.uk [129.67.1.180])
	by hub.freebsd.org (Postfix) with ESMTP id E8E2237B416
	for <security@freebsd.org>; Sat,  1 Dec 2001 09:31:40 -0800 (PST)
Received: from dhcp212.wadham.ox.ac.uk ([163.1.164.212] helo=piii600.wadham.ox.ac.uk)
	by oxmail.ox.ac.uk with esmtp (Exim 3.12 #1)
	id 16ADzH-0002rV-03
	for security@FreeBSD.ORG; Sat, 01 Dec 2001 17:31:39 +0000
Reply-To: cperciva@sfu.ca
Message-Id: <5.0.2.1.1.20011201171925.035156f8@popserver.sfu.ca>
X-Sender: cperciva@popserver.sfu.ca
X-Mailer: QUALCOMM Windows Eudora Version 5.0.2
Date: Sat, 01 Dec 2001 17:31:37 +0000
To: security@FreeBSD.ORG
From: Colin Percival <colin.percival@wadham.ox.ac.uk>
Subject: Re: philosophical question...
In-Reply-To: <3C0903C1.9010108@noos.fr>
References: <200112011642.JAA09819@lariat.org>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

At 17:22 01/12/2001 +0100, Extended Laurent Fabre wrote:
>Seems like an OpenBSD feature :P
>
>But from a security point of view, if an attacker can guess
>the random seed, i can't see the protection offered...
>It will just raise the number of brute force attacks...

   I think that a certain amount of protection is given by the fact that an 
exploit which fails as a result of malloc being nondeterministic would have 
a good chance of crashing the daemon being attacked.  Brute force attacks 
are hard when each faliure has a chance of making further attempts 
impossible. ;)
   Another interesting consideration is that making malloc nondeterministic 
could make other bugs visible.

   Still, I have to agree that this sounds pretty OpenBSDish... looking at 
the BSDs as a whole I'd say it would make sense for this to be added into 
OpenBSD first and ported to FreeBSD once it has proved itself.

Colin Percival



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message