aslr

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision		 Previous revision
aslr [2018/08/18 14:24] – created rpjdayaslr [2018/08/18 14:35] (current) – [Basics] rpjday
Line 1: Line 1:
 ===== Overview ===== ===== Overview =====
  
-ASLR (Address Space Layout Randomization) stuff.+ASLR (Address Space Layout Randomization) stuff (exec shield?).
  
 Links: Links:
Line 7: Line 7:
   * [[https://lwn.net/Articles/569635/|Kernel address space layout randomization (LWN, 2013)]]   * [[https://lwn.net/Articles/569635/|Kernel address space layout randomization (LWN, 2013)]]
   * [[https://linux-audit.com/linux-aslr-and-kernelrandomize_va_space-setting/|Linux and ASLR: kernel/randomize_va_space]]   * [[https://linux-audit.com/linux-aslr-and-kernelrandomize_va_space-setting/|Linux and ASLR: kernel/randomize_va_space]]
 +  * [[https://securityetalii.es/2013/02/03/how-effective-is-aslr-on-linux-systems/|How Effective is ASLR on Linux Systems? (2013)]]
 +
 +Questions:
 +
 +  * What about kernel ASLR (KASLR)? Look for ''RANDOMIZE'' options.
 +
 +===== Basics =====
 +
 +Binaries must be position-independent executables, so worthless on statically-compiled binaries. Possible settings:
 +
 +  * 0 – No randomization. Everything is static.
 +  * 1 – Conservative randomization. Shared libraries, stack, mmap(), VDSO and heap are randomized.
 +  * 2 – Full randomization. In addition to elements listed in the previous point, memory managed through brk() is also randomized.
 +
 +
 +===== Checking and changing =====
 +
 +Checking:
 +
 +<code>
 +$ sysctl -a --pattern randomize
 +kernel.randomize_va_space = 2
 +$
 +</code>
 +
 +Changing:
 +
 +<code>
 +# echo 2 > /proc/sys/kernel/randomize_va_space
 +# sysctl -w kernel.randomize_va_space=2
 +</code>
  • aslr.1534602274.txt.gz
  • Last modified: 2018/08/18 14:24
  • by rpjday