README: Document mmap-rnd-bits

Jeremy Rand 2023-05-08 13:45:18 +00:00
parent 6511dac1d4
commit 9d23717b6d
No known key found for this signature in database
GPG Key ID: EB03139A459DD06E

@ -37,9 +37,6 @@ often abused to exploit use-after-free flaws.
* Kexec is disabled as it can be used to load a malicious kernel and gain
arbitrary code execution in kernel mode.
* The bits of entropy used for mmap ASLR are increased, therefore improving
its effectiveness.
* Randomises the addresses for mmap base, heap, stack, and VDSO pages.
* Prevents unintentional writes to attacker-controlled files.
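Review bot: With the mmap ASLR entropy bullet leaving this list (the hunk header shows it shrinking from 9 lines to 6), "Randomises the addresses for mmap base, heap, stack, and VDSO pages" is the only ASLR item left here and no longer sits next to the related entropy setting. Consider adding a short pointer from that bullet to the new "mmap ASLR" section, so a reader who only scans this list still learns that the entropy is raised as well.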
@ -54,6 +51,13 @@ prevents writing potentially sensitive contents of memory to disk.
* TCP timestamps are disabled as it can allow detecting the system time.
### mmap ASLR
* The bits of entropy used for mmap ASLR are maxed out via
`/usr/libexec/security-misc/mmap-rnd-bits` (set to the values of
`CONFIG_ARCH_MMAP_RND_BITS_MAX` and `CONFIG_ARCH_MMAP_RND_COMPAT_BITS_MAX` that
the kernel was built with), therefore improving its effectiveness.
### Boot parameters
Boot parameters are outlined in configuration files located in the
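Review bot: The new "mmap ASLR" bullet names the helper `/usr/libexec/security-misc/mmap-rnd-bits` and the two `CONFIG_ARCH_MMAP_RND_*_MAX` build options, but it does not say which kernel settings the helper writes, when it runs, or what happens if the kernel's build-time values cannot be determined. Suggest naming the settings explicitly (presumably the `vm.mmap_rnd_bits` and `vm.mmap_rnd_compat_bits` sysctls) and adding one sentence on the fallback behaviour, so an administrator can check the result on a running system. As a style point, "therefore improving its effectiveness" now trails a long parenthetical and would read more clearly as its own sentence.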