Re: [RFC][PATCH] Randomize kernel base address on boot

From: Kees Cook
Date: Fri May 27 2011 - 13:21:21 EST

Next message: Linus Torvalds: "Re: [RFC][PATCH] Randomize kernel base address on boot"
Previous message: Linus Torvalds: "Re: [RFC][PATCH] Randomize kernel base address on boot"
In reply to: Ingo Molnar: "Re: [RFC][PATCH] Randomize kernel base address on boot"
Next in thread: Ingo Molnar: "Re: [RFC][PATCH] Randomize kernel base address on boot"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, May 27, 2011 at 10:13:54AM -0700, H. Peter Anvin wrote:
> On 05/27/2011 10:10 AM, Dan Rosenberg wrote:
> >
> > Just to play devil's advocate, how is it easier for a local attacker to
> > figure out where kernel internals are if it's been relinked vs.
> > randomized at load time, assuming we follow through on fixing the info
> > leaks?
> >
>
> You can read the on-disk kernel file and find out.

If we're still operating under the assumption of "defend against non-root",
distros can trivially make the on-disk kernels 0400.

-Kees

--
Kees Cook
Ubuntu Security Team
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Linus Torvalds: "Re: [RFC][PATCH] Randomize kernel base address on boot"
Previous message: Linus Torvalds: "Re: [RFC][PATCH] Randomize kernel base address on boot"
In reply to: Ingo Molnar: "Re: [RFC][PATCH] Randomize kernel base address on boot"
Next in thread: Ingo Molnar: "Re: [RFC][PATCH] Randomize kernel base address on boot"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]