On Thu, Mar 10, 2016 at 10:29:38AM -0500, Ed Maste wrote: > > There are patches ready for FreeBSD to use and it's ready to be shipped > > in FreeBSD. However, for some reason FreeBSD developers do not want to > > ship ASLR in FreeBSD. Why can't it be included at least as non-default > > src.conf option and marked as experimental? > > A little while ago I asked kib@ to look at the ASLR situation. > > He implemented a small, more general solution. We planned to post it > for review, testing and discussion soon, but given the renewed > interest in this topic we'll put it on Phabricator today. > > I look forward to feedback on the patch from Shawn and the HardenedBSD > folks and everyone else with an interest in ASLR on FreeBSD.
I look forward to seeing the patch. We'd be especially interested to see how it does stack and VDSO randomization. If the implementation that FreeBSD provides is better than HardenedBSD's, we'd likely drop our implementation and go with FreeBSD's. I'll keep an eye on Phabricator today. Thanks, -- Shawn Webb HardenedBSD GPG Key ID: 0x6A84658F52456EEE GPG Key Fingerprint: 2ABA B6BD EF6A F486 BE89 3D9E 6A84 658F 5245 6EEE
signature.asc
Description: PGP signature
