Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S262843AbVA2Cuu (ORCPT ); Fri, 28 Jan 2005 21:50:50 -0500 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S262844AbVA2Cuu (ORCPT ); Fri, 28 Jan 2005 21:50:50 -0500 Received: from mx1.redhat.com ([66.187.233.31]:5840 "EHLO mx1.redhat.com") by vger.kernel.org with ESMTP id S262843AbVA2Cun (ORCPT ); Fri, 28 Jan 2005 21:50:43 -0500 Date: Fri, 28 Jan 2005 21:50:27 -0500 (EST) From: Rik van Riel X-X-Sender: riel@chimarrao.boston.redhat.com To: John Richard Moser cc: Arjan van de Ven , linux-kernel@vger.kernel.org, akpm@osdl.org Subject: Re: Patch 4/6 randomize the stack pointer In-Reply-To: <41F96C7D.9000506@comcast.net> Message-ID: References: <20050127101117.GA9760@infradead.org> <20050127101322.GE9760@infradead.org> <41F92721.1030903@comcast.net> <1106848051.5624.110.camel@laptopd505.fenrus.org> <41F92D2B.4090302@comcast.net> <41F95F79.6080904@comcast.net> <1106862801.5624.145.camel@laptopd505.fenrus.org> <41F96C7D.9000506@comcast.net> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1402 Lines: 39 On Thu, 27 Jan 2005, John Richard Moser wrote: > Arjan van de Ven wrote: >>> Is this one any worse? >> yes. >> >> oracle, db2 and similar like to mmap 2Gb or more *in one chunk*. > > Special case? Absolutely, but ... > Can I get this put into perspective? How much more important is "Good" > randomization versus "not breaking Oracle," which becomes "No > randomization" 1) quite a lot of Linux users do use Oracle, DB2 or do scientific calculations - distributions cannot afford to break those applications, the default has to work for everybody 2) "weaker" randomization (2MB) is still effective if the stack is non-executable, so the "load a bunch of NOPs" approach won't work - this is what Fedora and RHEL use 3) it is not as theoretically strong as what you propose, but having the "weaker" scheme enabled is definitely more secure than having the "stronger" scheme disabled because it breaks applications -- "Debugging is twice as hard as writing the code in the first place. Therefore, if you write the code as cleverly as possible, you are, by definition, not smart enough to debug it." - Brian W. Kernighan - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/