On 10/14/2016 01:26 PM, 917832409173409178324097 wrote:
> Hello,
>
> can ASLR tech help to build a hard template VM for Qubes?
>
> https://securityetalii.es/2013/02/03/how-effective-is-aslr-on-linux-systems/
>
> checksec.sh:
> How important it is that all libs and executables are PIE-compiled?
> Are 100% of the TVM PIE compliant?
>
> https://www.blackhat.com/docs/asia-16/materials/asia-16-Marco-Gisbert-Exploiting-Linux-And-PaX-ASLRS-Weaknesses-On-32-And-64-Bit-Systems.pdf
>
> Will ASLR-NG mitigate the ASLR-weaknesses?
>
> The rerandomization should be fast enough or be able to detect some
> brute-force attacks.
>
> There are other exploit-strategies, which should be taken into account, so
> that the TVM is hard enough to resist the contact with the web (ebanking) -
> or the QArchitecture is addressing all of them?
>
> Heap-Spraying?
> Egg-Hunting?
> ROP?
> DEP?
> SEHOP?
> SafeSEH?
> Stack Cookies?
> SEH overflows?
> stack overflows?
>
> or others?
>
> It looks that there are many methods around to inject shellcode in some way...
>
> https://www.corelan.be/index.php/2013/02/19/deps-precise-heap-spray-on-firefox-and-ie10/
>
> Kind Regards
>

This would be really nice, but basically you're talking about hardening Fedora, so this should probably be done with upstreaming the work in mind.

Perhaps we begin with a template on Qubes OS that we can use, and piece by piece, the modifications to that template can get upstreamed. Eventually the template will no longer be necessary.

--
Rudd-O
http://rudd-o.com/