Date: Wed, 09 Mar 2016 10:21:42 -0700 From: Brett Glass <brett@lariat.net> To: Piotr Kubaj <pkubaj@anongoth.pl>, freebsd-security@freebsd.org Subject: Re: Will 11.0-RELEASE include ASLR? Message-ID: <201603091722.KAA24139@mail.lariat.net> In-Reply-To: <56E02D95.9020303@anongoth.pl> References: <56E02D95.9020303@anongoth.pl>
next in thread | previous in thread | raw e-mail | index | archive | help
ASLR is controversial. Some see it as "security by obscurity;" others see it as extremely useful and effective. Yes, I would like it as a kernel build option, so that I can choose to optimize for raw speed (e.g. on a server which is hardened in other ways) or for the extra warm fuzzies that ASLR provides. --Brett Glass At 07:05 AM 3/9/2016, Piotr Kubaj wrote: >-----BEGIN PGP SIGNED MESSAGE----- >Hash: SHA256 > >Shawn Webb has recently announced that ASLR is complete on HardenedBSD. >There are patches ready for FreeBSD to use and it's ready to be shipped >in FreeBSD. However, for some reason FreeBSD developers do not want to >ship ASLR in FreeBSD. Why can't it be included at least as non-default >src.conf option and marked as experimental? > >FreeBSD is the only OS that matters that doesn't have ASLR.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201603091722.KAA24139>