On Tue, Mar 27, 2018 at 04:51:08PM +0300, Ilya Smith wrote: > > /dev/[u]random is not sufficient? > > Using /dev/[u]random makes 3 syscalls - open, read, close. This is a performance > issue. You may want to take a look at the getrandom(2) system call, which is the recommended way getting secure random numbers from the kernel. > > Well, I am pretty sure userspace can implement proper free ranges > > tracking… > > I think we need to know what libc developers will say on implementing ASLR in > user-mode. I am pretty sure they will say ‘nether’ or ‘some-day’. And problem > of ASLR will stay forever. Why can't you send patches to the libc developers? Regards, - Ted
