tech-kern archive


Re: kernel aslr: someone interested?



> [ASLR] is just one more check mark in the exploit building tool.

Yes and no.

It increases the work required to exploit any putative bugs.  It does
not make exploitation impossible, but that does not mean it's not worth
making it harder.  "You don't have to run faster than the bear; you
just have to run faster than someone else."  That is, you don't have to
be impossible to exploit; you just have to be enough harder to make
them go after someone else instead.

I wonder if there's some way to do it that allows you to change offsets
on the fly.  It may well be a pipe dream, but, if you could relocate
everything in kernel space periodically, say, every second, it could
_significantly_ increase the work factor for exploitation.

/~\ The ASCII				  Mouse
\ / Ribbon Campaign
 X  Against HTML		mouse%rodents-montreal.org@localhost
/ \ Email!	     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B

