Linux Security Feature Revised For Randomizing The Kernel Stack Offset At Each System Call

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts
  • phoronix
    Administrator
    • Jan 2007
    • 67123

    Linux Security Feature Revised For Randomizing The Kernel Stack Offset At Each System Call

    Phoronix: Linux Security Feature Revised For Randomizing The Kernel Stack Offset At Each System Call

    Patches have been revised for allowing Linux to support kernel stack base address offset randomization for each system call...

    Phoronix, Linux Hardware Reviews, Linux hardware benchmarks, Linux server benchmarks, Linux benchmarking, Desktop Linux, Linux performance, Open Source graphics, Linux How To, Ubuntu benchmarks, Ubuntu hardware, Phoronix Test Suite
  • mystiquewolf
    Junior Member
    • Apr 2020
    • 35

    #2
    Doesn't Windows have this since XP?

    Comment

    • szymon_g
      Senior Member
      • Sep 2008
      • 407

      #3
      DEP is something different

      Comment

      • mystiquewolf
        Junior Member
        • Apr 2020
        • 35

        #4
        Okay, i fact checked.. it's since Windows Vista. I know Linux as a paradigm is "Hey there virus, even if you exploit the program you won't be able to do anything", and "you dumb, where did you encounter a Linux virus", but as far as i know DEP and ASLR were the mainstay of memory protection. Isn't Linux too late to the party? Multi-layered security?

        Comment

        • oiaohm
          Senior Member
          • Mar 2017
          • 8267

          #5
          Originally posted by mystiquewolf View Post
          Okay, i fact checked.. it's since Windows Vista. I know Linux as a paradigm is "Hey there virus, even if you exploit the program you won't be able to do anything", and "you dumb, where did you encounter a Linux virus", but as far as i know DEP and ASLR were the mainstay of memory protection. Isn't Linux too late to the party? Multi-layered security?


          You are thinking address randomisation that was added in Vista. This did not add stack randomisation of the stack offset that this is doing. ASLR and DEP really comes into the LInux kernel sooner than Windows. Linux basic DEP is called NX that even old added to Linux.

          Grsecurity patchset provided some more advanced stuff than Microsoft Windows offered now those features are turning up as mainline features. This is a feature that just been adding to the LInux kernel that OS X and Windows don't have if you are lucky they will get it in another 2 to 3 years..

          Comment

          • qarium
            Senior Member
            • Nov 2008
            • 3396

            #6


            i think this news has something to do with this link. i was hacked to by chinese communist hackers.
            Phantom circuit Sequence Reducer Dyslexia

            Comment

            • SystemCrasher
              Senior Member
              • Jan 2015
              • 1376

              #7
              If you have to worry about things like APT... you've got quite a problem and no any widespread OS would save you easily on its own. And even exotic OS could be investigated by such a powerful adversary. Security is funny thing. Most dangerous time is when you feel yourself safe.

              Comment

              Working...
              X