Date: Wed, 9 Mar 2016 11:22:10 -0500 From: Shawn Webb <shawn.webb@hardenedbsd.org> To: Big Lebowski <spankthespam@gmail.com> Cc: Piotr Kubaj <pkubaj@anongoth.pl>, freebsd-security <freebsd-security@freebsd.org> Subject: Re: Will 11.0-RELEASE include ASLR? Message-ID: <20160309162210.GA42303@mutt-hardenedbsd> In-Reply-To: <CAHcXP%2Bc%2B-PYkn4C8TyGf6Jropot3zsJAiDZFrBvmeT7595fqPA@mail.gmail.com> References: <56E02D95.9020303@anongoth.pl> <CAHcXP%2Bc%2B-PYkn4C8TyGf6Jropot3zsJAiDZFrBvmeT7595fqPA@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--UlVJffcvxoiEqYs2 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable (Responding inline) On Wed, Mar 09, 2016 at 04:05:12PM +0000, Big Lebowski wrote: > Hi Piotr, >=20 > There are people who can probably answer it better, but until they do, I > can share what I've heard about it: on the FreeBSD side there are few > things that stop ASLR implementation: >=20 > - there's no actual agreement between the influencial developers on wether > ASLR is viable or needed in first place Some FreeBSD developers think ASLR would be a good addition and others don't. We at HardenedBSD believe that ASLR provides a great foundation for further exploit mitigation technologies. We don't hold the belief that ASLR is the "end-all-be-all" of security as some would like you to believe. > - there was no planning or discussion how to implement ALSR in FreeBSD, > Shawn simply started writing the code, and some developers would like to > discuss and plan things first Discussions took place over a period of over two years. I was very cooperative. If you take a look at the two reviews on FreeBSD's Phabricator instance (linked to below), you'll notice that there's a lot of back-and-forth discussion. > - there are doubts expressed in the code reviews about code quality and > compliance to FreeBSD standards. Some developers dedicated their time to > review the code and provide feedback, there were few cycles of rewrite, > review, rinse, repeat, but if you'd look into the reviews, Shawn closed > them, and I understand they'd only be considered for inclusion if they'd > meet the code quality standards expected Initial patches did not meet code quality standards. However, those style(9) violations were fixed early on. Even though the patches on Phabricator are closed, they can still be looked at for independent review. However, the code is now old and does not reflect the current implementation in HardenedBSD. We closed the reviews so that we could focus on making HardenedBSD great, not because of the lack of code quality. I'm not sure whether the patches would be considered for inclusion. That's up to FreeBSD to decide. Given that the last patch went months without any input from FreeBSD--input that was promised to be delivered. >=20 > As a side note, one person saying 'ASLR implementation is finished' and > proper ASLR implementation that's properly tested, functional and not in > fact opening other security issues are two vastly different things, that > should be approached very carefully. Does "being tested over the period of three or so years through many full package builds, production deployments, and dogfooding" not mean "properly tested?" What does "properly tested" mean to you? The developers at HardenedBSD make it a point to run HardenedBSD on all their hardware--even laptops. HardenedBSD has been available for over two years, so it can be tested by anyone who downloads it and runs tests themselves. If there's a test you'd like me to run, please let me know. Thanks, Shawn Original Phabricator review: https://reviews.freebsd.org/D473 (warning: huge load time since this review spans around two years). New Phabricator review for a smaller prereq patch: https://reviews.freebsd.org/D3565 Thanks, Shawn >=20 > Cheers, > BL >=20 > On Wed, Mar 9, 2016 at 2:05 PM, Piotr Kubaj <pkubaj@anongoth.pl> wrote: >=20 > > -----BEGIN PGP SIGNED MESSAGE----- > > Hash: SHA256 > > > > Shawn Webb has recently announced that ASLR is complete on HardenedBSD. > > There are patches ready for FreeBSD to use and it's ready to be shipped > > in FreeBSD. However, for some reason FreeBSD developers do not want to > > ship ASLR in FreeBSD. Why can't it be included at least as non-default > > src.conf option and marked as experimental? > > > > FreeBSD is the only OS that matters that doesn't have ASLR. > > -----BEGIN PGP SIGNATURE----- > > Version: GnuPG v2 > > > > iQIcBAEBCAAGBQJW4C2QAAoJEHpZm4Ugg5yd2MoQAMPZ+UxbpTo9YvJz6YYB8wtH > > tRw3jQMUb4K6s26IO1mp/K6p+DM+HXcVvamO2cxjRKseQy/oLBGizgfR1ktBqdXQ > > xuqQJc5BCSdKgTsBs0IvNQghvUQkEyvYi+wn9EY9qJh6oEguAkcAWUhl5rGN2FhM > > Gwf9VDoPAR+n9Pjl6brcqyQvWczfDx9+VFpF0joeiI5PRRMF1UUsTYM/OHvtVoQA > > n1f8qNppIdprjwUjWE/BX6POaDhs4ZZKJRaFmbCuYudDPpX7P1yj7CHz/xthjMYG > > 325NnCJpN81fwCmcgvDFU3BYkEC9JSkBoA+5oDdRU3MALsJNQ10rz+IhAaeAsCMb > > oz7Oy0Gykeic60NLuMZlhOfl79XW666T1B9wOWlkrAlBPCY6v2kz6t/oJbHHGQOf > > CCBuhQJCdzdqyTnv0Bx4ZXiiecwhjvxaAPCwgppnxf2qLuBgxr9BsswMVp7wgYfM > > 2sfxk0pS0RuV5M2qWN9UATOyOiO5aPsC4f+WUzUM0LC6MbuHVDJu3QaUo7F3b3Ic > > KX150B3gWtsGlZZs8N9mIM3Aj/O5E496JHEf6zmlz6ssLuE6gIO8ICqpFSaXzkJC > > IWzgIVdL88gK6niVg7KCOAuzVZ1sxcx7cBCtGzAhVy9RhYKqwAtN9T2YOBC75cQW > > OdRGf2V3trcK664nKgEA > > =3DlM/6 > > -----END PGP SIGNATURE----- > > _______________________________________________ > > freebsd-security@freebsd.org mailing list > > https://lists.freebsd.org/mailman/listinfo/freebsd-security > > To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.= org > > " > > > _______________________________________________ > freebsd-security@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.or= g" --=20 Shawn Webb HardenedBSD GPG Key ID: 0x6A84658F52456EEE GPG Key Fingerprint: 2ABA B6BD EF6A F486 BE89 3D9E 6A84 658F 5245 6EEE --UlVJffcvxoiEqYs2 Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCAAGBQJW4E2vAAoJEGqEZY9SRW7uC58P/REKa/2MuNFigeLu9/cbEYlA 8q0wWeNsPd34LxnJX82TT+Wutsd75PHDKXsI+IuwuRbaBY/CK73GKn0L17OM50+3 crXbbvfQUu6Fh2ui9z69wGTZG9lNQLir4JL9WLQ3Q4WwtFHBOuf/JL8/XPBL6DiZ 2WsX11p+JP1cC6uMpeuXij/0DdShcoh121hBJK+thzz09/2kf0dcqdbcPGB5D8GI H1b+pM3b0w1bKbkziTOLwBZ4D0xcDYIZ1n40YaS/WuZ8RwNHOUoOXE93ZwdcF6Z/ lWn7gL7jawwnEusKYvZc1oY5ZOVKib+ra7+HSJyN3XDSoo4fOoGDRwfx0vYeotpF mgS0dkWhvTmHrnL04ZspOF9JWvB5NyKFZAuhwolBH5ze/JRG4FV5dpoL807FVv6s nhKn6qBjvsH+Jd6eIAvodWkupdvVMuCWM52bOFISfpPG5Nk5Z4QrMSKdWwP7MHPl T/0HICXJKv3QgmXfMTplvPK5h2DFHrJKoCeNEoZM26JTJZVsmHZqkpzly2IoIc6K uTQiQZru2ekJzDlFJRPmiKq7k8oEjZYILZtQfvCzyTvBC5WAe2T6QwaWno/Llvyo IYALlySWIKPXxxG7/V6YJeytQ77EwYJFbzIOVc5DDxpuXnnNsmsW3UBaWcdDYGOJ v7CdCswIYWtY4vNEMjkD =X6e1 -----END PGP SIGNATURE----- --UlVJffcvxoiEqYs2--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20160309162210.GA42303>