[grsec] randomize_va_space and PaX ASLR : bad interactions ?
pageexec at freemail.hu
pageexec at freemail.hu
Thu Jan 12 07:08:39 EST 2006
On 12 Jan 2006 at 10:39, Tristan de Cacqueray wrote:
> The thing is when I set kernel.randomize_va_space = 0, PaX seems to
> be disable, and the stack's base address is 0x5fffffff.
>
> When kernel.randomize_va_space is set to 1, pax is functioning
> (offsets are fully randomize).
>
>
> Is this a bug ?
it's a feature not a bug. earlier (and in 2.2/2.4 still) PaX
provided its own sysctl for turning off ASLR (when you enabled
SOFTMODE). since newer 2.6 provides a similar control for its
own randomization, i decided to make use of it in the interest
of not unnecessarily cluttering control knobs.
> Are you aware of any work-around ?
i guess what you're thinking of is that PaX's own sysctl depends
on the SOFTMODE config setting and randomize_va_space doesn't. i
can reinstate that dependency if there's interest in it.
More information about the grsecurity
mailing list