wouldnt this also apply to the propolice stack ramdomization as well? not
just pax
-phar
----- Original Message -----
From: "Don Bailey" <don.bailey_at_gmail.com>
To: <vuln-dev_at_securityfocus.com>
Sent: Monday, April 03, 2006 2:09 PM
Subject: Re: Beating memory address randomization (secuirty) features in
Unix/Linux
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
>> I believe they're talking about distros WITH RANDOMIZATION IE PAX
>> enabled.
>>
>
> Obviously. My point is that the original poster didn't
> seem to be concerned with more advanced issues,
> like PaX. Rather, they just wanted to learn how to
> evade the basic stack base randomization code
> employed on many popular Linux distros.
>
> Let them worry about things like PaX later.
>
> Also, tell me how often is PaX/grsec employed?
> Clearly, not often. Distros aren't even interested in
> deploying it as much as they are interested in
> the new vanilla kernel way of integrating security
> into the core code. That code still has a long way
> to go.
>
> Don "north" Bailey
>
> -----BEGIN PGP SIGNATURE-----
> Version: PGP Desktop 9.0.5 (Build 5050)
>
> iQA/AwUBRDFk8l/Ie1ANMtLuEQK9+ACfbxWb4zSGmebcNduqXtqPyBk3PGAAoMJR
> rdo4rvXNExT1UBj3OnF8P/EE
> =iFTb
> -----END PGP SIGNATURE-----
>
>
Received on Apr 03 2006
Intro
