Re: [RFC][PATCH] Randomize kernel base address on boot
From: Ingo Molnar
Date: Fri May 27 2011 - 13:16:42 EST
* Dan Rosenberg <drosenberg@xxxxxxxxxxxxx> wrote:
> Just to play devil's advocate, how is it easier for a local
> attacker to figure out where kernel internals are if it's been
> relinked vs. randomized at load time, assuming we follow through on
> fixing the info leaks?
Well, 'fixing the info leaks' will obfuscate previously useful files
such as /proc/kallsyms ...
That's one of the advantages of randomization: it allows us to expose
RIPs without them being an instant information leak.
Thanks,
Ingo
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/