Date: Thu, 10 Mar 2016 08:54:45 -0500 From: Shawn Webb <shawn.webb@hardenedbsd.org> To: Brett Glass <brett@lariat.org> Cc: Sergej Schmidt <sergej.schmidt@uni-ulm.de>, freebsd-security@freebsd.org Subject: Re: Will 11.0-RELEASE include ASLR? Message-ID: <20160310135445.GF42303@mutt-hardenedbsd> In-Reply-To: <201603100523.WAA00750@mail.lariat.net> References: <56E02D95.9020303@anongoth.pl> <201603091722.KAA24139@mail.lariat.net> <56E0BEEB.2070901@uni-ulm.de> <201603100523.WAA00750@mail.lariat.net>
next in thread | previous in thread | raw e-mail | index | archive | help
--ULyIDA2m8JTe+TiX Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Mar 09, 2016 at 10:23:22PM -0700, Brett Glass wrote: > At 05:25 PM 3/9/2016, Sergej Schmidt wrote: >=20 > >In which way ASLR has something to do with security by obscurity? >=20 > ASLR attempts to create security by obscuring the locations of=20 > objects within the machine's address space. Critics of ASLR say=20 > (with some justification!) that this is just hiding them... in=20 > plain sight. Without getting into a flame war about that, I would=20 > simply like the option of compiling it in or not. That option has always been available in HardenedBSD's implementation. It has been a kernel option that you can toggle at compile time with the PAX_ASLR kernel option. IT can also be toggled via /boot/loader.conf by setting hardening.pax.aslr.status=3D0. Thanks, --=20 Shawn Webb HardenedBSD GPG Key ID: 0x6A84658F52456EEE GPG Key Fingerprint: 2ABA B6BD EF6A F486 BE89 3D9E 6A84 658F 5245 6EEE --ULyIDA2m8JTe+TiX Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCAAGBQJW4XyhAAoJEGqEZY9SRW7uAksP/jRzuQ1gZ0fZvjhTZOEfQwsS o0f+yuC7Zj/2eXn6Bychl8WsL+ZBqfUTZYJFQh+TbP4X3Oqs51np0G4h2R3dY6j5 L3P7SOui7I3eQRqGXnQNuvbVdN9++3EY5Km8qfzSU1FM+QQHCGJWO8LBGVLOAQiY Z3bXGreX0XYtAUFQOZPtJVDBnLz9K8LmEEFz5r89pkXqc1D6JxG5NRw4KDqQB+FS RgSWzDL52dT5MeUGYNFaAakatH7LJiTOXLMrVY3sWPkfwO+0HgJMApgg5yGJnckP ULXb7DkHL9aTv/Rv7WSe+6pybv+PLQPCY26c/gAxttCuH+TbHpjnuqsdHv6o3QzX 8E8PhhlioNr839Wl1UEw2fML41EuhiB0fC1ik135EAfIr7fhJMCFPixndM/c/aJx kb5xUMnYKDPitGzqXGOR1K/qw2ODARhSanbOkSwupM8t/13RhMVLVyiGxiF4TjW0 x8dSuzLYIw423qtCGWLYq16ZxP3e8scV5SRjfuE1gRuZzxmaelTkcWSkp9FQWGdN sr8/txrx0tE+OuZufwMGIp37jG3hNPkcCHRHFl0ANC0Si0nZ2dk0xw0U59/dQi34 D00/bAg5DHMFiott6SerEW0bg/tof9uUBOA88Q8tS5w4GL0fpe9SDAkU+MXvdbVd 1NMFWF0pEMYlLgo3g6Es =+RPW -----END PGP SIGNATURE----- --ULyIDA2m8JTe+TiX--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20160310135445.GF42303>