patch to randomize mmap offsets
dillon at apollo.backplane.com
Mon Jan 15 16:06:01 PST 2007
:> hmm. I'm not a big fan of OpenBSD's randomization code. I'm not
:> rabidly against the patch but it is a bit hackish. It seems to me
:> that something similar could be implemented simply by having the RTLD
:> or LIBC code mmap() a randomly sized dead segment, and not have to
:> build anything into the kernel.
:Wouldn't that result in 2x the syscalls for calling mmap()? (Isn't this
:expensive?) Or do I not understand what you mean?
:Kevin L. Kane
You could just request more space than you need and randomly offset
the allocations you do from within that space. That has the same
result pretty much.
Or you could just make a few randomly-sized mmap() calls at the start
of the program but not on every mmap. The first few calls will offset
the address returned by all later calls.
Similarly you can create a random stack offset by allocating a random
amount of space on the stack at program start. There is no need to
have the kernel do it for you when you can do it yourself (libc, that is).
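
The two userland approaches described in the message above (a randomly sized dead segment mapped at startup, and over-allocating then handing out a random offset inside the region), as an added example that is not part of the original post. The function names `map_dead_segment` and `mmap_random_offset` are hypothetical, and `/dev/urandom` is assumed as the randomness source.

```c
#define _DEFAULT_SOURCE
#include <fcntl.h>
#include <stdint.h>
#include <stdio.h>
#include <sys/mman.h>
#include <unistd.h>

/* Roughly uniform value in [0, bound) from /dev/urandom; 0 on failure. */
static size_t rand_below(size_t bound)
{
    uint64_t r = 0;
    int fd = open("/dev/urandom", O_RDONLY);
    if (fd < 0)
        return 0;
    if (read(fd, &r, sizeof r) != (ssize_t)sizeof r)
        r = 0;
    close(fd);
    return bound ? (size_t)(r % bound) : 0;
}

/* Map an inaccessible "dead" segment of 1..max_pages pages and leave it
 * mapped, so addresses chosen for later mmap() calls are displaced.
 * Returns its length in bytes, or 0 if the mapping failed. */
size_t map_dead_segment(size_t max_pages)
{
    size_t page = (size_t)sysconf(_SC_PAGESIZE);
    size_t len = (1 + rand_below(max_pages)) * page;
    void *p = mmap(NULL, len, PROT_NONE, MAP_PRIVATE | MAP_ANON, -1, 0);
    return p == MAP_FAILED ? 0 : len;
}

/* Over-allocate by slack_pages pages and return a page-aligned pointer
 * at a random offset inside the region. NULL on failure. */
void *mmap_random_offset(size_t need, size_t slack_pages)
{
    size_t page = (size_t)sysconf(_SC_PAGESIZE);
    size_t slack = slack_pages * page;
    char *base = mmap(NULL, need + slack, PROT_READ | PROT_WRITE,
                      MAP_PRIVATE | MAP_ANON, -1, 0);
    if (base == MAP_FAILED)
        return NULL;
    return base + rand_below(slack_pages + 1) * page;
}

int main(void)
{
    printf("dead segment: %zu bytes\n", map_dead_segment(256));
    printf("buffer at %p\n", mmap_random_offset(4096, 16));
}
```

The dead segment costs one extra syscall per process rather than one per `mmap()`, and how far it shifts later mappings depends on how the kernel places them relative to existing ones.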