Exec-shield and memory randomization

Dave Roberts ldave at droberts.com
Sat Jul 30 19:10:04 UTC 2005


On Sat, 2005-07-30 at 08:35 -0400, Arjan van de Ven wrote:
> setarch has an -R option to start the binary without randomisation.

Thanks, Arjan. I appreciate your help. I have a few follow-up questions:

Does setarch set the info in a persistent fashion? I'm reading the man
page for it (under FC3) and I can't quite tell what it does (setarch in
general, but it also doesn't document the -R option, BTW).

Hmmm.... in fact, trying it now on FC3, it doesn't seem to support that
option. Is -R only in FC4 right now? If so, there's probably a need to
release another setarch that supports that option for FC3, since it
looks like the latest FC3 kernel (2.6.12-1.1372_FC3) has
randomize_va_space defaulting to 1.

Also, there's a strange thing that I noticed when trying to debug this a
couple days ago: for some reason, older binaries that I built 3 or 4
months ago seem to work fine, while newer binaries don't. Did something
in gcc change that makes the old ones work and the new ones not? (like
GCC setting some compatibility bit in the ELF header differently in
newer GCCs).

Finally, is randomize_va_space supposed to be controlled by exec-shield?
When debugging, I first set exec-shield to 0, but that didn't seem to
have an effect. It was only when randomize_va_space got set to 0 that
things started working. That is, they seem independent, but most of the
documentation on exec-shield I have seen seems to suggest that turning
off exec-shield should turn off just about everything and leave you with
a pretty standard system, a la the pre-exec-shield days. Is that no
longer true?

-- 
Dave Roberts <ldave at droberts.com>



