On 10/14/2016 01:26 PM, 917832409173409178324097 wrote:
> Hello,
>
> can ASLR tech help to build a hard template VM for Qubes?
>
> https://securityetalii.es/2013/02/03/how-effective-is-aslr-on-linux-systems/
>
> checksec.sh: 
> How important is it that all libs and executables are PIE-compiled?
> Are 100% of the TVM PIE compliant?
>
> https://www.blackhat.com/docs/asia-16/materials/asia-16-Marco-Gisbert-Exploiting-Linux-And-PaX-ASLRS-Weaknesses-On-32-And-64-Bit-Systems.pdf
>
> Will ASLR-NG mitigate the ASLR-weaknesses?
>
> The rerandomization should be fast enough or be able to detect some 
> brute-force attacks.
>
> There are other exploit-strategies, which should be taken into account, so 
> that the TVM is hard enough to resist the contact with the web (ebanking) - 
> or the QArchitecture is addressing all of them?
>
> Heap-Spraying?
> Egg-Hunting?
> ROP?
> DEP?
> SEHOP?
> SafeSEH?
> Stack Cookies?
> SEH overflows?
> stack overflows?
>
> or others?
>
> It looks like there are many methods around to inject shellcode in some way...
>
> https://www.corelan.be/index.php/2013/02/19/deps-precise-heap-spray-on-firefox-and-ie10/
>
> Kind Regards
>

This would be really nice, but basically you're talking about hardening
Fedora, so this should probably be done with upstreaming the work in
mind.  Perhaps we begin with a template on Qubes OS that we can use, and
piece by piece, the modifications to that template can get upstreamed. 
Eventually the template will no longer be necessary.


-- 
    Rudd-O
    http://rudd-o.com/
