
HardenedBSD: The Latest BSD Project That Aims To Boost Security


  • #21
    > OpenBSD and DragonflyBSD ASLR is a joke, predictable and the variation is very smart unlike Linux. Also, W^X sucks.

    Could you expand on this? Or is it yet another uninformed bullshit troll?



    • #22
      Originally posted by enjolras View Post
      > OpenBSD and DragonflyBSD ASLR is a joke, predictable and the variation is very smart unlike Linux. Also, W^X sucks.

      Could you expand on this? Or is it yet another uninformed bullshit troll?
      I meant "OpenBSD and DragonflyBSD ASLR is a joke, predictable and the variation is very small unlike Linux". Run this code on both OpenBSD and DragonflyBSD and compare it to Linux and you will see why:

      Code:
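      #include <stdio.h>

      /* Return the current stack pointer (x86-64, GCC/Clang inline asm). */
      unsigned long get_sp(void){
          unsigned long sp;
          __asm__ volatile("mov %%rsp, %0" : "=r"(sp));
          return sp;
      }

      int main(void){
          /* %lx: the value is a 64-bit unsigned long, %x would truncate it */
          printf("Stack pointer (RSP): 0x%lx\n", get_sp());
          return 0;
      }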

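To put a number on the comparison post #22 suggests, the following added example (not code from any poster in this thread) re-executes itself 64 times, records a stack address from each run, and reports which address bits changed between runs. It assumes a POSIX system with `popen` and uses the address of a local variable as a stand-in for the stack pointer so it is not tied to x86-64; the `child` argument and the run count are choices made for this example.

```c
#define _POSIX_C_SOURCE 200809L   /* for popen/pclose */
#include <stdio.h>
#include <string.h>

/* Bit positions that differed between at least two samples. */
unsigned long varying_mask(const unsigned long *v, size_t n) {
    unsigned long mask = 0;
    for (size_t i = 1; i < n; i++)
        mask |= v[0] ^ v[i];
    return mask;
}

/* Count of set bits: an upper bound on the entropy actually observed. */
int popcount_ul(unsigned long x) {
    int c = 0;
    for (; x; x &= x - 1)
        c++;
    return c;
}

int main(int argc, char **argv) {
    if (argc > 1 && strcmp(argv[1], "child") == 0) {
        volatile char marker;  /* assumption: a local's address stands in for the stack pointer */
        printf("%lx\n", (unsigned long)&marker);
        return 0;
    }
    enum { RUNS = 64 };        /* constructed sample size */
    unsigned long samples[RUNS];
    char cmd[4096];
    size_t got = 0;
    snprintf(cmd, sizeof cmd, "\"%s\" child", argv[0]);
    for (int i = 0; i < RUNS; i++) {
        FILE *p = popen(cmd, "r");   /* fresh exec, so a fresh address-space layout */
        if (!p) { perror("popen"); return 1; }
        if (fscanf(p, "%lx", &samples[got]) == 1)
            got++;
        pclose(p);
    }
    if (got < 2) { fprintf(stderr, "not enough samples\n"); return 1; }
    unsigned long m = varying_mask(samples, got);
    printf("%zu runs: varying bits 0x%lx (%d bits)\n", got, m, popcount_ul(m));
    return 0;
}
```

Compile it and run the resulting binary on each system being compared; more varying bits means a wider randomization range for the stack.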


      • #23
        Correct me if I'm wrong, but... I don't see the point of randomizing stack base.

        Against which sort of attacks are you trying to protect? AFAIK the classic buffer overflow attack will just fill the stack frame to call another procedure whose address you managed to get. For this, you don't need to know the stack address. And as soon as you manage to execute code, you can get the stack address by just reading ESP anyway. I'm probably a bit naive, but I really don't see why you'd need to randomize the stack base.



        • #24
          Originally posted by ncopa View Post
          Well, Linux only had ASLR if you applied the 3rd party PaX patch. The PaX patch was not accepted in mainline kernel. (please point me to a commit if you still think I am wrong)

          Also, ASLR is only one of many nice features in PaX. There are others like PAGEEXEC, MPROTECT. PaX is often used as a part of Grsecurity, which again adds many more hardening features (chroot hardening, IPC hardening, RBAC, etc.)

          Oh, btw, PaX started in 2000, not 2001. Grsecurity started in 2001.


          I assume that "everything breaks" means that *many* 3rd party applications break due to OpenBSD's memory protection features. Those apps were silently broken on Linux too, but OpenBSD folks made sure that many of those bugs got fixed. This was a huge benefit for everyone.


          This is wrong.


          PaX is still, in 2014, a 3rd-party patch, which mainline has not yet adopted. (latest patch for linux-3.16.1 is ~3.2MB in size)

          Linus explains why he rejects PaX in 2009: http://lwn.net/Articles/313765/

          An article which includes some of the Grsecurity/PaX history: http://lwn.net/Articles/313621/

          So no, Linux has not improved PaX and PaX was not enabled by default in 2005. What you call "BSD propaganda" is closer to the truth than the "truth" you present.
          Interesting you answered him. He either has his own private guru who tells him all those stories, or is a stupid agency employee with 990 $ / month salary. He is obviously prepared only for 13 year olds, who just started getting some interest in stuff, and who come on cool, cold, bad ass mf. To type shit like 'linux improved PaX, made it default' one has to be in a very serious condition.



          • #25
            Originally posted by reCAPTCHA View Post
            Interesting you answered him. ...
            Just put endman on your ignore list and you are done.
