ASLR work into -HEAD ?
Shawn Webb
shawn.webb at hardenedbsd.org
Wed May 27 16:56:03 UTC 2015
On Wed, 2015-05-27 at 11:04 -0500, Pedro Giffuni wrote:
>
> On 05/27/15 01:20, Alfred Perlstein wrote:
> >
> >
> > On 5/24/15 1:43 PM, K. Macy wrote:
> >> On May 22, 2015 4:41 PM, "Bryan Drewery"<bdrewery at freebsd.org> wrote:
> >>> On 5/20/2015 12:24 PM, Pedro Giffuni wrote:
> >>>> My claim is that the majority of "professional" breachers and
> >>>> governments already have ASLR workarounds pre-coded and ready
> >>>> to launch. Finding an exploit is more difficult than beating
> >>>> ASLR so they are not going to hint everyone that they have
> >>>> an exploit until they can take all the linux/windows/MacOSX
> >>>> at the same time.
> >>>>
> >>>> The cost for the NSA and/or anonymous to step on
> >>>> ASLR is zero.
> >> Correct. But who are we really protecting against? If it's the NSA only air
> >> gap will really do. In reality it's just a matter of making the cost of
> >> circumventing protections exceed the value of the data or items being
> >> protected. Locking one's doors and windows doesn't make one's house
> >> impenetrable by any stretch, but it does deter opportunistic passerby.
> >>
> >> Protecting against state overreach is a political matter and shouldn't
> >> factor into whether to invest in deterring lesser malfeasors.
> >>
> >> I'm sorry, but Bryan has it right. The political discussion is a side show.
> >>
> >
> > +1, also having a line item is good. Not having ASLR just makes
> > FreeBSD look derp.
> >
>
> And of course I am in the minority that thinks that just because
> everybody else (or at least the OSs that matter) has done it
> doesn't necessarily make it a great idea. This will be my last email
> on the subject and I'll stop whining ... promise.
Good. I'd rather focus on code rather than pointless politics.
>
> > DragonFly BSD has an implementation of ASLR based upon OpenBSD's
> > model, added in 2010.[
> > Microsoft's Windows Vista (released January 2007) and later have ASLR
> > enabled
> > In 2003, OpenBSD became the first mainstream operating system to
> > support partial ASLR
> > In Mac OS X Leopard 10.5 (released October 2007), Apple introduced
> > randomization for system libraries
> >
> > Linux has enabled a weak form of ASLR by default since kernel version
> > 2.6.12 (released June 2005).
> >
> > So basically 1 more week and we can be 10 years behind Linux. :)
> >
>
> Happy birthday ASLR? ;) Somehow it hasn't been terribly useful in 10 years,
> and we haven't really missed it, unless there's something I am unaware of
> that the security advisories didn't mention.
>
> If it comes to adopt things because we have to follow the herd,
> that I guess I prefer the Dragonfly BSD approach:
>
> - It is a very simple, to-the-point patch.
Our patch is more complex due to per-jail support and the various
weaknesses FreeBSD wanted us to add. HardenedBSD's implementation does
not contain those weaknesses.
> - It is off by default (NetBSD too?) but very
> easy to setup with through a sysctl.
Our patch is disabled by default in the GENERIC kernel.
> - Given both points above it is very easy
> to revert once the marketing hype foo dies.
I hope security-related patches that have proven stable and
well-performing never get reverted.
>
> Again just my uneducated opinion, and I won't
> spend time on the "quick" approach either.
>
> regards,
>
> Pedro.
>
> _______________________________________________
> freebsd-arch at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-arch
> To unsubscribe, send any mail to "freebsd-arch-unsubscribe at freebsd.org"
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: This is a digitally signed message part
URL: <http://lists.freebsd.org/pipermail/freebsd-arch/attachments/20150527/72949306/attachment.sig>
More information about the freebsd-arch
mailing list