Thanks for the corrections, lo-na-aleim. We've updated the wiki page to reflect the KASLR features as they stand currently.
This wiki page is programmatically constructed: hand edits wouldn't survive in the long run. Note that the /proc/sys/kernel/randomize_va_space controls whether or not the brk address space within userspace processes should be randomized. Quoting from the Linux kernel source file init/Kconfig: Randomizing heap placement makes heap exploits harder, but it also breaks ancient binaries (including anything libc5 based). This option changes the bootup default to heap randomization disabled, and can be overridden at runtime by setting /proc/sys/kernel/randomize_va_space to 2. I don't know off-hand a reliable programmatic tool available to determine that the kernel has booted into a randomized base location, or whether it randomizes memory slabs, etc. The /boot/config* files by convention show the configuration of the kernel, but local administrators may not observe this convention if they replace the kernel. Thanks ** Changed in: ubuntu-docs (Ubuntu) Status: New => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1912614 Title: kASLR incorrectly described as disabled by default in Security/Features To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-docs/+bug/1912614/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs