Andi Kleen wrote:
> Executables are at fixed addresses.

No, they are not. Look up PIE - Position Independent Executable.

That's the point: on a hardened system _all_ objects, executable and libraries, are mapped at randomised addresses. Therefore the simple overwrite-return-address exploit is no longer reliable and tends to crash the program.

That's what this desire for randomised VDSO address is all about. The executable and all the libraries are at random addresses in security-hardened PIE systems.

(Actually even when executables are at fixed addresses, they can be mapped at an address which is harder to exploit because the address contains a zero byte - something which is harder to get into a buffer overflow - but only a little harder).

[ Ulrich: I see randomised prelinking with PIE mentioned, to give per-box random addresses instead of per process. I guess I wasn't far wrong in suggesting prelinked random VDSO positions :) ]

If you are not running PIE and randomised executable and library positions, then I agree there is nothing to gain from varying the VDSO position, and it is a slight performance loss so should be disabled.

-- Jamie
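A defender-side check for the distinction drawn in the message above, as an added example that is not part of the original post: it classifies an ELF header as fixed-address (ET_EXEC) or position independent (ET_DYN), and tests whether an address contains a zero byte. The function names and the sample header bytes are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

enum load_kind { NOT_ELF, FIXED_ADDRESS, RANDOMISABLE, OTHER_ELF };

/* Classify an ELF image by e_type: ET_EXEC (2) is linked to a fixed
 * address; ET_DYN (3) is position independent (PIE or shared library)
 * and can be mapped at a randomised base. */
enum load_kind elf_load_kind(const unsigned char *h, size_t len)
{
    if (len < 18 || memcmp(h, "\x7f" "ELF", 4) != 0)
        return NOT_ELF;
    /* e_type: 2 bytes at offset 16, byte order given by EI_DATA (h[5]) */
    unsigned type = (h[5] == 2) ? (h[16] << 8 | h[17])   /* ELFDATA2MSB */
                                : (h[17] << 8 | h[16]);  /* ELFDATA2LSB */
    if (type == 2) return FIXED_ADDRESS;
    if (type == 3) return RANDOMISABLE;
    return OTHER_ELF;
}

/* True if any of the low `width` bytes of addr is 0x00, i.e. the address
 * cannot pass intact through a NUL-terminated string copy. */
int addr_has_zero_byte(uint64_t addr, int width)
{
    for (int i = 0; i < width; i++)
        if (((addr >> (8 * i)) & 0xff) == 0)
            return 1;
    return 0;
}

/* Constructed sample headers (first 18 bytes only), not real binaries. */
const unsigned char SAMPLE_EXEC[18] = { 0x7f,'E','L','F', 1,1,1,0, 0,0,0,0,0,0,0,0, 2,0 };
const unsigned char SAMPLE_PIE[18]  = { 0x7f,'E','L','F', 2,1,1,0, 0,0,0,0,0,0,0,0, 3,0 };

int main(int argc, char **argv)
{
    static const char *names[] = { "not ELF", "fixed address (ET_EXEC)",
                                   "randomisable (ET_DYN)", "other ELF type" };
    unsigned char buf[18];
    size_t n = sizeof buf;
    FILE *f = argc > 1 ? fopen(argv[1], "rb") : NULL;
    if (f) { n = fread(buf, 1, sizeof buf, f); fclose(f); }
    else   memcpy(buf, SAMPLE_PIE, sizeof buf);  /* no file: use the sample */
    printf("%s\n", names[elf_load_kind(buf, n)]);
    return 0;
}
```

ET_DYN covers shared libraries as well as PIE executables, so this tells you whether the image can be relocated, not whether the running kernel actually randomises its base.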