Does anyone use RANDSTRUCT?
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- To: Paul Moore <paul@xxxxxxxxxxxxxx>, SELinux <selinux@xxxxxxxxxxxxxxx>, Kees Cook <keescook@xxxxxxxxxxxx>, Jeffrey Vander Stoep <jeffv@xxxxxxxxxx>, Ondrej Mosnacek <omosnace@xxxxxxxxxx>
- Subject: Does anyone use RANDSTRUCT?
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Date: Fri, 13 Dec 2019 10:40:54 -0500
- User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.2.2
See $(subject). If yes, there are some obvious candidates among the
SELinux data structures for randomized layouts to avoid fixed locations
for enforcing, initialized, etc. If not, then no point in pursuing it.
Doesn't look like Fedora enables it, probably because they'd have to
publish the random seeds anyway for third party kernel modules. But
maybe it would be useful for some distros/users? ChromeOS? Android?
[Index of Archives]
[Selinux Refpolicy]
[Linux SGX]
[Fedora Users]
[Fedora Desktop]
[Yosemite Photos]
[Yosemite Camping]
[Yosemite Campsites]
[KDE Users]
[Gnome Users]
