tech-kern archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
modstat and kaslr
Hi,
Here is a patch [1] that hides the addresses of the kernel modules when
'modstat -k' is entered by an unprivileged user. The current behavior is
preserved for root.
The addresses currently leaked cannot be used to reconstruct the layout of
the kernel, since the module VAs are embedded in bootspace.boot, whose location
is independent from that of each of the remaining kernel segments.
But it's still good not to leak such information, to limit the surface for ROP
and a few other things, and this, also in the non-kaslr case. Ok?
[1] http://m00nbsd.net/garbage/module/modstat.diff
Home |
Main Index |
Thread Index |
Old Index