Please if some FreeBSD dev sees this... (Score:0)
Could you guys please implement some anti-exploitation technologies such as ASLR out of the box? Or maybe dedicate a manpage explaining the dev team's views on such matters.
I've been a long-time user of FreeBSD and I can't help but feel it keeps dragging behind in this field.
Or please, someone explain to me why I shouldn't be worrying about that.
Re:Please if some FreeBSD dev sees this... (Score:3)
If you read about ASLR (and I recommend the OpenBSD paper on the topic; I think they implemented it first), the technique only makes it more difficult; it doesn't SOLVE the problem. If you benefit from ASLR, then you have a security problem already. I'm not sure I like the idea of losing entropy and slowing down malloc for something that does little to stop attacks from rogue processes (which can be compromised by other methods).
Sure, I might prefer you DoS some process by crashing it repeatedly instead of taking control over it... but I would prefer you not corrupt or crash it at all, and I would want more effort put into better jails and damage control. Removing strcpy and other common troublemakers like OpenBSD does would be nice. ASLR adds to the level of complacency (except on OpenBSD, where paranoia is expected).
The goals should be what they always were. New buzzwords be damned.
NOTE: I'm years behind on my BSD.
I'm not convinced we shouldn't be moving towards microkernel hybrids like Darwin, and towards a full microkernel. We took a big speed loss going to protected memory management, which was accelerated in hardware, and new CPUs made the transition almost unnoticeable. Maybe we should be aiming for something similar? (Just isolating most drivers would help; you could leave the FS and HD within the kernel.) I also hate to think of how cool it could have been if Multics was used in place of Unix... every Unix has been more bloated for decades, and I would love to swap RAM, CPUs, etc. without rebooting. I find NetBSD's work on including an interpreter in the kernel to be interesting in a shocking kind of way. Anyhow, the point is that ASLR is just a niche band-aid and not the most important feature we "must have" to continue living... and we've survived for decades without it. Such complaints sound more like an IT person speaking.
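Whether ASLR is "out of the box" on a given system is something an admin can simply measure rather than argue about. The program below is an added example written for this thread, not code from either poster or from FreeBSD: it re-executes itself 16 times (the run count and the popen-based re-exec are my choices) and counts how many bits of a stack, heap and mmap address actually change between runs. A count of 0 for a region means that region is not being randomised at all; a non-zero count shows which bits move, which is a rough upper bound on, not a measurement of, the entropy an attacker would have to guess.

```c
#define _DEFAULT_SOURCE          /* popen, MAP_ANON on glibc; harmless on FreeBSD */
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/mman.h>

/* Number of address bits that differ across samples: OR together the XOR of
 * every sample against the first, then count the set bits. 0 means the
 * address was identical in every run, i.e. no randomisation for that region. */
int varying_bits(const uintptr_t *samples, size_t n) {
    uintptr_t diff = 0;
    for (size_t i = 1; i < n; i++)
        diff |= samples[i] ^ samples[0];
    int bits = 0;
    for (; diff != 0; diff >>= 1)
        bits += (int)(diff & 1);
    return bits;
}

/* Child mode: report one stack, one heap and one mmap address, then exit. */
static int report_addresses(void) {
    int on_stack = 0;
    void *heap = malloc(64);
    void *map = mmap(NULL, 4096, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANON, -1, 0);
    printf("%lx %lx %lx\n", (unsigned long)&on_stack, (unsigned long)heap, (unsigned long)map);
    return 0;
}

int main(int argc, char **argv) {
    if (argc > 1 && strcmp(argv[1], "--child") == 0)
        return report_addresses();
    enum { RUNS = 16 };                    /* assumption: 16 samples is enough to see movement */
    uintptr_t stack[RUNS], heap[RUNS], map[RUNS];
    char cmd[600];
    snprintf(cmd, sizeof cmd, "\"%s\" --child", argv[0]);
    for (int i = 0; i < RUNS; i++) {
        /* Re-exec ourselves so every sample comes from a freshly laid-out process. */
        unsigned long s, h, m;
        FILE *p = popen(cmd, "r");
        if (p == NULL || fscanf(p, "%lx %lx %lx", &s, &h, &m) != 3) {
            fprintf(stderr, "failed to run child process\n");
            return 1;
        }
        pclose(p);
        stack[i] = s; heap[i] = h; map[i] = m;
    }
    printf("varying address bits over %d runs: stack=%d heap=%d mmap=%d\n", RUNS,
           varying_bits(stack, RUNS), varying_bits(heap, RUNS), varying_bits(map, RUNS));
    return 0;
}
```

Run it with no arguments; on a system without ASLR (or with it disabled for the process) all three counts come back 0, while a randomising kernel shows a different, non-zero count per region.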