User: Password:
Subscribe / Log in / New account

This is problem of communication

This is problem of communication

Posted May 14, 2009 14:00 UTC (Thu) by khim (subscriber, #9252)
In reply to: Random numbers for ASLR by ebiederm
Parent article: Random numbers for ASLR

So are you willing to write a patch to correct the situation?

A lot of guys can and will write a patch (including me), but few a ready to fight with kernel developers...

(Log in to post comments)

This is problem of communication

Posted May 14, 2009 18:10 UTC (Thu) by zooko (guest, #2589) [Link]

Yeah, I personally would hesitate to offer patches or analysis to lkml, simply because I don't want to be part of a conversation with that tone.

For what it is worth, it sounds like Matt Mackall stated a plausible threat -- that an attacker might be able to predict results from get_random_int(), thus being able to predict the address space randomization that is supposed to stop him. Linus's reply as quoted in this article, saying that Matt's concern is "TOTALLY INSANE" doesn't make sense to me.

I don't think that any cryptographer would ridicule Matt for this concern. To the contrary, I've always observed cryptographers (the vast majority of them) to be polite and precise. Engaging in ridicule leads one to make mistakes. ;-)

This is problem of communication

Posted May 15, 2009 0:10 UTC (Fri) by droundy (subscriber, #4559) [Link]

From what I could tell, his point was that they're only using 8 bits of randomness in the ASLR (presumably because of address-layout constraints and not wanting to waste address space?), which means that 256 tries will get you the answer anyhow. If there's a simple and easy attack, why should we work so hard to prevent a tricky sophisticated attack that achieves the same result?

But then again, maybe I misunderstood, in which case I'll be glad to be corrected...

Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds