glibc is about to effectively turn off ASLR by default on x86_64 because some broken Intel chips are 3% slower. https://sourceware.org/ml/libc-alpha/2015-12/msg00221.html …
@CopperheadSec @solardiz And it's not clear to me that everyone would want to trade this for a lock-out type behavior.
@CopperheadSec @solardiz Lockout after several crashes transforms momentary-DoS-only bugs into effective long-term DoS attacks.
@RichFelker @solardiz Yeah, and respawning tends to be the default or at least strongly encouraged by service supervisors.
@CopperheadSec @RichFelker OTOH, it's surprising that Red Hat sets kernel.panic_on_oops by default, favoring integrity over availability
@solardiz @RichFelker FWIW, Android sets kernel.panic_on_oops too. There's little choice without PaX since there's no anti-brute-force.
@solardiz @RichFelker Since the choice is between allowing any number of crashes with no throttling or panicking after the first one.
@CopperheadSec @solardiz Well when the crash is in kernel space it rather makes sense to treat the whole kernel as compromised and panic.
@CopperheadSec @solardiz I think panic_on_oops is a very different issue from locking out crashing user processes.