Security-improving technologies which could be deployed now
Posted Oct 21, 2004 21:30 UTC (Thu) by bluefoxicy
In reply to: Security-improving technologies which could be deployed now
Parent article: Security-improving technologies which could be deployed now
"Then, the machine is rebooted,"
"Using just the information you now have, you can't figure out where sshd, Mozilla, or apache have libc"
"changes every time the program is run"
I feel I need to clarify here that the reboot in the example was done to rerun *everything*, including init and all services. You could also init -U to reload init; telinit 1 to return to maintenance mode; restart all base system services; and then go back to normal mode and log back in. This route would accomplish the same thing--reloading all programs. It would, of course, be a long and annoying process that would be more quickly completed by a reboot (or kexec).
In short, the kernel does not need to be reloaded to rerandomize the address space of individual applications.
Also notable here is that I'm not contending bugs at kernel level, or information leaking bugs which you may have discovered during the month of examination; these are natural bugs which must be fixed, since they can't be protected against anyway and are thus out of scope.
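The point made in the comment above, that each newly executed program gets a fresh layout without the kernel being reloaded, can be checked on a current Linux host with the following sketch. It is an added example, not part of the original comment; it assumes mainline Linux's `/proc/<pid>/maps` and `/proc/sys/kernel/randomize_va_space`, and the sample maps text is constructed.

```python
import re
import subprocess
import sys

# Constructed sample of /proc/<pid>/maps lines (not captured from a real host).
SAMPLE_MAPS = """\
55d0c1a00000-55d0c1a02000 r--p 00000000 08:01 1311 /usr/bin/cat
7f3a1c200000-7f3a1c228000 r--p 00000000 08:01 2222 /usr/lib/x86_64-linux-gnu/libc.so.6
7f3a1c228000-7f3a1c3bd000 r-xp 00028000 08:01 2222 /usr/lib/x86_64-linux-gnu/libc.so.6
7ffd5a1e0000-7ffd5a201000 rw-p 00000000 00:00 0 [stack]
"""

# Matches libc.so.6 or libc-2.31.so, but not libcrypto or libcap.
LIBC_RE = re.compile(r"/libc[-.][^/]*$")

def libc_base(maps_text):
    """Return the lowest mapped address of libc, or None if it is not mapped."""
    bases = []
    for line in maps_text.splitlines():
        fields = line.split(None, 5)  # range perms offset dev inode path
        if len(fields) == 6 and LIBC_RE.search(fields[5]):
            bases.append(int(fields[0].split("-")[0], 16))
    return min(bases) if bases else None

def sample_fresh_processes(runs=5):
    """Exec a new process `runs` times; record where each one mapped libc."""
    child = "print(open('/proc/self/maps').read())"
    results = []
    for _ in range(runs):
        proc = subprocess.run([sys.executable, "-c", child],
                              capture_output=True, text=True, check=True)
        results.append(libc_base(proc.stdout))
    return results

def aslr_setting():
    """0 = off, 1 = stack/mmap/libraries, 2 = also heap (mainline Linux)."""
    with open("/proc/sys/kernel/randomize_va_space") as f:
        return int(f.read())

if __name__ == "__main__":
    bases = sample_fresh_processes()
    print("randomize_va_space =", aslr_setting())
    for b in bases:
        print("libc base:", hex(b) if b is not None else "not found")
    # With randomization on, the bases differ between runs with no reboot.
    print("distinct bases:", len(set(bases)), "of", len(bases))
```

A long-running daemon keeps the layout it received at exec time, which is why the comment talks about restarting services rather than the kernel.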