HEADS-UP: PIE enabled by default on main
Warner Losh
imp at bsdimp.com
Sun Feb 28 05:29:26 UTC 2021
On Sat, Feb 27, 2021 at 9:34 PM Ihor Antonov <ihor at antonovs.family> wrote:
> >
> > But isn't it well-known that ASLR/ASR/any-related-buzzwork does not add
> > any security, except imaginary? The only purpose of it is to have a
> > check-list item ticked green.
>
> I don't know if I should parse this as sarcasm (or any other form of
> "humor") or is a serious statement? But this does leave me with a whole
> bunch of questions..
>
> If this is really how Konstantin is describing it then is it OK to say
> about this to the whole Internet? Why FreeBSD Foundation is paying for
> meaningless work then? Why members of the Core team do this work? Does
> this mean that FreeBSD is working to satisfy the silly needs of some fat
> customer? What about project independence and not being controlled by
> big money?
>
> Where can I read about ASLR and security myths?
Why not spend time and explain why this does not work?
>
Not to rise to the baitiness of all these leading questions (they really
are quite contrary to how our community usually comports itself, but for
the sake of civil discourse, I'll ignore)....
I'll bet it has something to do with the many known ASLR attacks. One is
chronicled in https://www.vusec.net/projects/anc/ and elsewhere, which show
how MMU side channels can defeat ASLR. Or maybe he's familiar with the
offset2lib attack against Linux 64-bit ASLR documented in this paper
https://cybersecurity.upv.es/attacks/offset2lib/offset2lib-paper.pdf.
There's many others as well that show the shortcomings of ASLR and disclose
ways to defeat it using various clever means.
> You clearly should mean something useful and much more important than
> that,
> > when stating that FreeBSD made a huge step forward. So I want to be
> aware
> > of the advance.
>
> Why attack a person who was really happy for the project?
> This DOES sound a agressive, even for a sarcastic joke..
> I am saying this someone who shares the same native language with Mr.
> Belousov,
> it is not a "language/culture" difference thing.
> just your regular user who reads mailing list ocassionally
>
Maybe he'd like to understand how PIE accomplishes better security give the
known ASLR weaknesses. And rather than take a sarcastic tone, he asked for
more details that back up the earlier claims of improved security so we
could all learn something.
Warner
More information about the freebsd-current
mailing list