From: Vladimir Solomatin <slash@relex.ru>
To: gentoo-user-ru@lists.gentoo.org
Subject: Re: [gentoo-user-ru] article about Hardened Gentoo
Date: Wed, 20 Feb 2008 17:28:40 +0300
Message-ID: <47BC3918.6010705@relex.ru>
In-Reply-To: <20070812142703.GE31373@home.power>
Hello, Alex Efros
On 11/14/2005 04:39 PM, you wrote:
> Executable anonymous mapping : Killed
> Executable bss : Killed
> Executable data : Killed
> Executable heap : Killed
> Executable stack : Killed
> Executable anonymous mapping (mprotect) : Killed
> Executable bss (mprotect) : Killed
> Executable data (mprotect) : Killed
> Executable heap (mprotect) : Killed
> Executable stack (mprotect) : Killed
> Executable shared library bss (mprotect) : Killed
> Executable shared library data (mprotect): Killed
> Writable text segments : Killed
> Anonymous mapping randomisation test : 15 bits (guessed)
> Heap randomisation test (ET_EXEC) : 13 bits (guessed)
> Heap randomisation test (ET_DYN) : 23 bits (guessed)
> Main executable randomisation (ET_EXEC) : No randomisation
> Main executable randomisation (ET_DYN) : 15 bits (guessed)
> Shared library randomisation test : 15 bits (guessed)
> Stack randomisation test (SEGMEXEC) : 23 bits (guessed)
> Stack randomisation test (PAGEEXEC) : 24 bits (guessed)
> Return to function (strcpy) : Vulnerable
> Return to function (memcpy) : Vulnerable
> Return to function (strcpy, RANDEXEC) : Vulnerable
> Return to function (memcpy, RANDEXEC) : Vulnerable
> Executable shared library bss : Killed
> Executable shared library data : Killed
>
> I haven't yet worked out what else needs to be enabled so that the
> "Return to function" tests are protected as well - no time.
>
$ bzless /usr/share/doc/paxtest-0.9.6/README.bz2
Return to function (strcpy)
Return to function (strcpy, RANDEXEC)
Return to function (memcpy)
Return to function (memcpy, RANDEXEC)
Return to function attacks are very nasty. These tests are hard to
stop by kernel patches, but they show that there you should not
expect perfect protection from this kind of security patches.
--
Vladimir Solomatin (slash@relex.ru)
Phone: + 7 (4732) 711711
Relex Inc, Voronezh.
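
Added example, not part of the original message or of paxtest: a small parser for the report format quoted above that lists the tests which did not end in "Killed" or a randomisation bit count. The sample lines are constructed from that format; the function names and the `min_bits` threshold are assumptions made for illustration.

```python
import re

# Constructed sample in the format of the paxtest report quoted above
# (a subset of its lines, one with the mail-quoting "> " prefix kept).
SAMPLE = """\
Executable stack                         : Killed
Executable shared library data (mprotect): Killed
Main executable randomisation (ET_EXEC)  : No randomisation
> Main executable randomisation (ET_DYN)   : 15 bits (guessed)
Stack randomisation test (PAGEEXEC)      : 24 bits (guessed)
Return to function (strcpy)              : Vulnerable
Return to function (memcpy, RANDEXEC)    : Vulnerable
"""

# "<test name> : <result>", optionally behind a "> " quote marker.
LINE_RE = re.compile(r"^\s*(?:>\s*)?(?P<name>[^:>]+?)\s*:\s*(?P<result>[^:]+?)\s*$")
BITS_RE = re.compile(r"^(\d+) bits \(guessed\)$")
FIXED = {"Killed": "blocked", "Vulnerable": "vulnerable",
         "No randomisation": "not-randomised"}

def parse_paxtest(text):
    """Return (test name, status, bits) tuples; bits is None unless randomised."""
    rows = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # not a result line (blank quote line, prose, ...)
        name, result = m.group("name"), m.group("result")
        bits = BITS_RE.match(result)
        if bits:
            rows.append((name, "randomised", int(bits.group(1))))
        else:
            # Results this parser does not know are kept as "unknown".
            rows.append((name, FIXED.get(result, "unknown"), None))
    return rows

def gaps(rows, min_bits=0):
    """Names of tests to review; min_bits is a hypothetical entropy floor."""
    out = []
    for name, status, bits in rows:
        weak = status == "randomised" and bits < min_bits
        if status in ("vulnerable", "not-randomised", "unknown") or weak:
            out.append(name)
    return out

if __name__ == "__main__":
    for name in gaps(parse_paxtest(SAMPLE)):
        print("review:", name)
```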