Posted Apr 30, 2009 16:34 UTC (Thu) by nix (subscriber, #2304)
Parent article: Linux ASLR vulnerabilities
Oh, that first one is quite nasty. We can stop reporting wchan for non-self users when non-root without breaking too much, but doing the same for /proc/*/stat is out of the question. Perhaps we can blank out just the sensitive fields in such cases?
Posted May 2, 2009 13:15 UTC (Sat) by willezurmacht (guest, #58372)
The problem with blacklisting is that you never know when your blacklist is enough. The question is if there are any true legitimate uses of this and what's specifically required.
Either way, there are plenty of other methods to get around the difficulties presented by ASLR as of its current implementation in the mainline kernel.
I would like to know if Jake's patch goes through; hopefully it does.
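The following is an added example, not code from either commenter or from the kernel. It shows a check for the "blank out just the sensitive fields" idea discussed in this thread: it parses a `/proc/<pid>/stat` line and reports which address-bearing fields are still non-zero. The choice of fields and their positions is an assumption taken from proc(5), and the sample lines are constructed.

```python
import sys

# 1-based positions of address-bearing fields in /proc/<pid>/stat, per proc(5).
# Assumption: the thread never says which fields count as "sensitive".
ADDRESS_FIELDS = {
    26: "startcode", 27: "endcode", 28: "startstack",
    29: "kstkesp", 30: "kstkeip", 35: "wchan",
}

def parse_stat(line):
    """Split a stat line into fields. comm (field 2) is wrapped in parentheses
    and may itself contain spaces or ')', so split on the LAST ')'."""
    lpar, rpar = line.index("("), line.rindex(")")
    return [line[:lpar].strip(), line[lpar + 1:rpar]] + line[rpar + 1:].split()

def exposed_fields(line):
    """Return {name: value} for address fields that are not blanked (non-zero)."""
    fields = parse_stat(line)
    found = {}
    for num, name in ADDRESS_FIELDS.items():
        if num <= len(fields) and int(fields[num - 1]) != 0:
            found[name] = int(fields[num - 1])
    return found

def make_sample(comm, values):
    """Build a constructed 52-field stat line with the given field values."""
    rest = ["S"] + ["0"] * 49              # fields 3..52
    for num, val in values.items():
        rest[num - 3] = str(val)
    return "1234 (%s) %s" % (comm, " ".join(rest))

# Constructed samples: one with addresses visible, one fully blanked.
SAMPLE_EXPOSED = make_sample("my (odd) name", {
    26: 0x400000, 27: 0x4a1000, 28: 0x7FFD1000,
    29: 0x7FFD0F00, 30: 0x7F00AA10, 35: 0x8100F000,
})
SAMPLE_BLANKED = make_sample("my (odd) name", {})

if __name__ == "__main__":
    # With PID arguments, audit live processes; otherwise use the samples.
    lines = []
    for pid in sys.argv[1:]:
        try:
            with open("/proc/%s/stat" % pid) as fh:
                lines.append(fh.read())
        except OSError as err:
            print("pid %s: %s" % (pid, err))
    for line in lines or [SAMPLE_EXPOSED, SAMPLE_BLANKED]:
        pid, comm = parse_stat(line)[:2]
        print(pid, repr(comm), exposed_fields(line) or "all address fields blanked")
```

Run as an unprivileged user against PIDs owned by other users to see whether the running kernel blanks these fields for non-owners.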