Re: paxctl(8) and ASLR - bug?

On 05.06.2011 12:28, Aleksey Cheusov wrote:
> As far as I can see paxctl(8) doesn't work as expected on NetBSD current
> and 5.1. The following typescript shows that library load
> addresses stay the same after enabling PaX ASLR for the program.
> Executable load address on the other hand is randomized normally.
> It looks like a bug. What am I doing wrong?
> 0 ~>ldd -f '%o -> %x\n' ./main
> z -> 0x7f7ff7000000
> c -> 0x7f7ff6400000
> lzma -> 0x7f7ff6c00000
> m -> 0x7f7ff6800000

Here, ASLR is a flag associated with an executable. IIRC, NetBSD's ldd
does not execute the binary directly to resolve symbols (by setting the
LD_TRACE_LOADED_OBJECTS env variable and letting the dynamic linker print
the information); it performs the lookup itself.

In fact, you get the PaX flag from ldd (which is off there), rather than
the one from ./main.

Try with paxctl +A $(which ldd).

> =============================================================
> At the same time enabling ASLR globally works fine.
> =============================================================

That would explain the above.

Jean-Yves Migeon

