Will 11.0-RELEASE include ASLR?
Shawn Webb
shawn.webb at hardenedbsd.org
Wed Mar 9 22:23:16 UTC 2016
On Wed, Mar 09, 2016 at 10:21:42AM -0700, Brett Glass wrote:
> ASLR is controversial. Some see it as "security by obscurity;" others see
> it as extremely useful and effective.
>
> Yes, I would like it as a kernel build option, so that I can choose to
> optimize for raw speed (e.g. on a server which is hardened in other ways)
> or for the extra warm fuzzies that ASLR provides.
The great thing is that our implementation comes as a kernel build
option, just like you want. Our implementation also works on a per-jail
basis.
Thanks,
--
Shawn Webb
HardenedBSD
GPG Key ID: 0x6A84658F52456EEE
GPG Key Fingerprint: 2ABA B6BD EF6A F486 BE89 3D9E 6A84 658F 5245 6EEE
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/freebsd-security/attachments/20160309/fee095fb/attachment.sig>
More information about the freebsd-security
mailing list