ptx 4 hours ago

> It's worth noting that FreeBSD made this easier than it would be on a modern Linux kernel: FreeBSD 14.x has no KASLR (kernel addresses are fixed and predictable) and no stack canaries for integer arrays (the overflowed buffer is int32_t[]).

What about FreeBSD 15.x then? I didn't see anything in the release notes or the mitigations(7) man page about KASLR. Is it being worked on? NetBSD apparently has it: https://wiki.netbsd.org/security/kaslr/
ktm5j 2 hours ago

I don't understand this, because KASLR has been default in FreeBSD since 13.2:

    [kmiles@peter ~]$ cat /etc/os-release
    NAME=FreeBSD
    VERSION="13.3-RELEASE-p4"
    VERSION_ID="13.3"
    ID=freebsd
    ANSI_COLOR="0;31"
    PRETTY_NAME="FreeBSD 13.3-RELEASE-p4"
    CPE_NAME="cpe:/o:freebsd:freebsd:13.3"
    HOME_URL="https://FreeBSD.org/"
    BUG_REPORT_URL="https://bugs.FreeBSD.org/"
    [kmiles@peter ~]$ sysctl kern.elf64.aslr.enable
    kern.elf64.aslr.enable: 1
keysersoze33 3 hours ago

This is more of a Linux kernel criticism of KASLR, but perhaps it's related as to why it's not been a priority in FreeBSD (i.e. it gives a false sense of safety and rather focus on 'proper' security hardening): https://forums.freebsd.org/threads/truth-about-linux-4-6-sec...