ASLR/PIE status in FreeBSD HEAD
Ed Maste
emaste at freebsd.org
Fri Apr 17 14:04:15 UTC 2020
On Fri, 17 Apr 2020 at 09:13, Shawn Webb <shawn.webb at hardenedbsd.org> wrote:
>
> Quick note: paxtest's algorithms for measuring ASLR were meant to test
> ASLR, not FreeBSD's ASR implementation. Thus, paxtest results for
> FreeBSD's ASR are moot.

paxtest's entropy estimate is superficial, and indeed can produce a
more or less invalid result depending on the distribution of allocated
objects. There are a number of other tools which perform a more
rigorous or comprehensive analysis.

paxtest is useful in providing a basic indication of whether various
things are randomized or not.
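
The following is an added example, not part of the original message and not paxtest's code. It compares a simple bit-variation count (modelled here, as an assumption, by AND/OR accumulation over sampled addresses) with empirical Shannon and min-entropy on constructed address samples, to show how the distribution of addresses changes what such a count means.

```python
import math
from collections import Counter

def varying_bits(addrs):
    """Bit-variation count: how many bit positions were ever seen to differ."""
    and_acc, or_acc = ~0, 0
    for a in addrs:
        and_acc &= a          # bits set in every sample
        or_acc |= a           # bits set in at least one sample
    return bin(or_acc & ~and_acc).count("1")

def shannon_bits(addrs):
    """Empirical Shannon entropy of the observed addresses, in bits."""
    n = len(addrs)
    return -sum(c / n * math.log2(c / n) for c in Counter(addrs).values())

def min_entropy_bits(addrs):
    """Min-entropy: cost of guessing the single most likely address."""
    return -math.log2(max(Counter(addrs).values()) / len(addrs))

# Constructed sample addresses (not measurements from any real system).
BASE = 0x800000000
TWO_VALUES = [BASE, BASE | 0xFFFF000] * 32            # only two outcomes
UNIFORM = [BASE + (i << 12) for i in range(256)]      # 256 equally likely pages
SKEWED = [BASE] * 255 + UNIFORM                       # same pages, one dominant

def report():
    rows = {}
    for name, s in (("two_values", TWO_VALUES), ("uniform", UNIFORM), ("skewed", SKEWED)):
        rows[name] = (varying_bits(s), shannon_bits(s), min_entropy_bits(s))
    return rows

if __name__ == "__main__":
    for name, (vb, sh, me) in report().items():
        print(f"{name:11s} varying_bits={vb:2d} shannon={sh:5.2f} min_entropy={me:5.2f}")
```

The two-value sample scores 16 varying bits while carrying 1 bit of entropy, and the uniform and skewed samples both score 8 varying bits although the skewed one can be guessed about half the time. The empirical entropy figures are themselves capped at log2 of the number of samples taken.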
More information about the freebsd-security mailing list