Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751688AbXAUViZ (ORCPT ); Sun, 21 Jan 2007 16:38:25 -0500 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S1751689AbXAUViZ (ORCPT ); Sun, 21 Jan 2007 16:38:25 -0500 Received: from 69-100-st.zelcom.ru ([80.92.100.69]:1035 "EHLO etherstorm.feelingofgreen.ru" rhost-flags-OK-FAIL-OK-OK) by vger.kernel.org with ESMTP id S1751684AbXAUViY (ORCPT ); Sun, 21 Jan 2007 16:38:24 -0500 Date: Mon, 22 Jan 2007 00:38:16 +0300 Message-ID: <87vej0ukl3.wl@betelheise.deep.net> From: Samium Gromoff <_deepfire@feelingofgreen.ru> To: Arjan van de Ven Cc: Samium Gromoff <_deepfire@feelingofgreen.ru>, linux-kernel@vger.kernel.org Subject: Re: [PATCH] Undo some of the pseudo-security madness In-Reply-To: <1169345764.3055.935.camel@laptopd505.fenrus.org> References: <87y7nxvk65.wl@betelheise.deep.net> <1169345764.3055.935.camel@laptopd505.fenrus.org> User-Agent: Wanderlust/2.15.5 (Almost Unreal) SEMI/1.14.6 (Maruoka) FLIM/1.14.8 (=?ISO-8859-4?Q?Shij=F2?=) APEL/10.6 Emacs/23.0.51 (i486-pc-linux-gnu) MULE/5.0 (SAKAKI) X-Face: "P-:w!.&Hdk.h~~pT`!Q%H6;/8Cce^m&%vIn"W-SXb4h88dCgwD\_}N5:\}lowY2gxg0u^wVO*L\$C@MvBDRTmh/=,468w{W{OTc$kfq5O9Y!`pd+N}SMHrN+Gs>jXe5}}EL`cRbc0^_0cZ-}M\b~55I;Qe$1uL8M`M`82<_%CQ(GwLk."M>zBLn:-u>n,$kjH`~Uo[pH`08#\G!GVMd`%7![m9]*w5PMts4@m>=;lX41Z90N MIME-Version: 1.0 (generated by SEMI 1.14.6 - "Maruoka") Content-Type: text/plain; charset=US-ASCII Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1712 Lines: 39 At Sun, 21 Jan 2007 03:16:04 +0100, Arjan van de Ven wrote: > On Sat, 2007-01-20 at 17:37 +0300, Samium Gromoff wrote: > > This patch removes the dropping of ADDR_NO_RANDOMIZE upon execution of setuid > > binaries. > > > > Why? The answer consists of two parts: > > > > Firstly, there are valid applications which need an unadulterated memory map. > > Some of those which do their memory management, like lisp systems (like SBCL). > > They try to achieve this by setting ADDR_NO_RANDOMIZE and reexecuting themselves. > > this is a ... funny way of achieving this > > if an application for some reason wants some fixed address for a piece > of memory there are other ways to do that.... (but to some degree all > apps that can't take randomization broken; for example a glibc upgrade > on a system will also move the address space around by virtue of being > bigger or smaller etc etc) > > [1]. See the excellent, 'Hackers Hut' by Andries Brouwer, which describes > > how AS randomisation can be got around by the means of linux-gate.so.1 > > got a URL to this? If this is exploiting the fact that the vdso is at a > fixed spot... it's no longer the case since quite a while. hmm, it seems to rely on that, yes: http://www.win.tue.nl/~aeb/linux/hhh/hh-9.html#ss9.6 > -- > if you want to mail me at work (you don't), use arjan (at) linux.intel.com > Test the interaction between Linux and your BIOS via http://www.linuxfirmwarekit.org regards, Samium Gromoff - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/