User Tools

Site Tools


aslr

This is an old revision of the document!


Overview

ASLR (Address Space Layout Randomization) stuff (exec shield?).

Links:

Questions:

  • What about kernel ASLR (KASLR)? Look for RANDOMIZE options.

Basics

Binaries must be position-independent executables. Possible settings:

  • 0 – No randomization. Everything is static.
  • 1 – Conservative randomization. Shared libraries, stack, mmap(), VDSO and heap are randomized.
  • 2 – Full randomization. In addition to elements listed in the previous point, memory managed through brk() is also randomized.

Checking and changing

Checking:

$ sysctl -a --pattern randomize
kernel.randomize_va_space = 2
$

Changing:

# echo 2 > /proc/sys/kernel/randomize_va_space
# sysctl -w kernel.randomize_va_space=2
aslr.1534602865.txt.gz · Last modified: 2018/08/18 14:34 by rpjday