Date: Fri, 13 Apr 2012 13:47:00 +0100
From: Kevin Chadwick
To: alpine-devel@lists.alpinelinux.org
Subject: Re: [alpine-devel] [announce] Sonnet GNU/Linux (somewhat derivative of Alpine)

On Wed, 11 Apr 2012 23:27:00 +0000
William Pitcock wrote:

> > As I understand it, PAX and grsec make many known exploits fail. What
> > grounds are you arguing this on. The fact mprotect is often disabled?
>
> This is false. The fact that the distribution is compiled with PIE is
> why many known exploits fail. The fact that binaries are compiled
> with PIE allows the ASLR code (either in Linux itself or provided by
> PaX) to randomize specific segment addresses in a binary. ASLR is the
> reason why ret2libc attacks are not successful.

I suggest you take these things up with the pax team and spender. From
what I've seen, the CONFIG options of grsec and PAX prevent exploits.

I am really surprised there are so many using grsecurity and no distro
anymore with a grsec enabled kernel.

Excerpt from a response by the pax team on the gentoo hardened list for
CVE-2012-0056.
_________________________________________________________________________________

> BTW this in "vanilla" gentoo does not work because of the permission of the su
> file:
> ls -l /usr/bin/su
> -rws--x--x 1 root root 36776 18 gen 21.31 /usr/bin/su
>
> readelf cannot read the address, but there can be other ways to access the
> binary for example for group "disk"

http://seclists.org/fulldisclosure/2012/Jan/396

> hardened gentoo is un-affected as expected (but you already know)

this is not quite true, what could work against grsec is an exploit that
implemented a ret2libc style exploit coupled with bruteforcing (if the target
suid is a PIE).
^^^^^^^^^^^^^^^^^^^^^
i hope you're all enabling the bruteforce protection feature in grsec ;).
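
The two properties this thread turns on, whether a setuid binary is built as PIE (so ASLR can move it) and whether other users can read it (the `-rws--x--x` listing for su above), can be audited on a host by reading only file modes and ELF headers. This is an added example, not part of the original message or of any project named in it; the function names and the default directories are assumptions.

```python
import os
import stat
import sys

ET_EXEC, ET_DYN = 2, 3  # e_type values from the ELF specification

def elf_type(header: bytes):
    """Return the e_type field of an ELF header, or None if this is not ELF."""
    if len(header) < 18 or header[:4] != b"\x7fELF":
        return None
    order = "little" if header[5] == 1 else "big"  # EI_DATA: 1 = LSB, 2 = MSB
    return int.from_bytes(header[16:18], order)

def classify(mode: int, header: bytes) -> dict:
    """Summarise the properties of one binary that the thread discusses."""
    etype = elf_type(header)
    return {
        "setuid": bool(mode & stat.S_ISUID),
        # Readable by "other": any local user can inspect its layout (readelf).
        "world_readable": bool(mode & stat.S_IROTH),
        # An executable with e_type ET_DYN is position independent; ET_EXEC
        # loads at a fixed address that ASLR cannot randomize. None = unknown.
        "pie": None if etype is None else etype == ET_DYN,
    }

def audit(directories):
    """Yield (path, properties) for each setuid regular file. Run as root so
    that binaries with a mode such as 4711 can still be opened."""
    for directory in directories:
        if not os.path.isdir(directory):
            continue
        for entry in os.scandir(directory):
            if not entry.is_file(follow_symlinks=False):
                continue
            mode = entry.stat(follow_symlinks=False).st_mode
            if not mode & stat.S_ISUID:
                continue
            try:
                with open(entry.path, "rb") as fh:
                    header = fh.read(18)
            except OSError:
                header = b""  # not readable by this user: PIE status unknown
            yield entry.path, classify(mode, header)

if __name__ == "__main__":
    # Default directories are an assumption; pass others as arguments.
    for path, props in audit(sys.argv[1:] or ["/usr/bin", "/bin"]):
        print(path, props)
```

A setuid entry reported with `"pie": False` is one whose own code is loaded at a fixed address regardless of kernel ASLR settings.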