Skip to main content
Information Security

Return to Question

Improved grammar
Source Link
edit approved Apr 15, 2020 at 7:07
cactus4
edit approved Apr 15, 2020 at 7:07
cactus4
  • 15
  • 3

From what iI understand, ASLR has 3 Modes:

  • 0 - turned off
  • 1 - randomizes stack, heap, shared libraries, vDSO, mmap memory area and text area (if built with -fPIE -pie)
  • 2 - additionally randomizes brk()-allocated memory, which comes, to my understanding, mostly from small malloc()-calls.

So my questions is, whyWhy is there an extra mode especially for brk()-allocated memory (if this is really all it does) and how important is it or rather when is it important to use Mode 2 of ASLR instead of Mode 1?

From what i understand, ASLR has 3 Modes:

  • 0 - turned off
  • 1 - randomizes stack, heap, shared libraries, vDSO, mmap memory area and text area (if built with -fPIE -pie)
  • 2 - additionally randomizes brk()-allocated memory, which comes, to my understanding, mostly from small malloc()-calls.

So my questions is, why is there an extra mode especially for brk()-allocated memory (if this is really all it does) and how important is it or rather when is it important to use Mode 2 of ASLR instead of Mode 1?

From what I understand, ASLR has 3 Modes:

  • 0 - turned off
  • 1 - randomizes stack, heap, shared libraries, vDSO, mmap memory area and text area (if built with -fPIE -pie)
  • 2 - additionally randomizes brk()-allocated memory, which comes, to my understanding, mostly from small malloc()-calls.

Why is there an extra mode especially for brk()-allocated memory (if this is really all it does) and how important is it or rather when is it important to use Mode 2 of ASLR instead of Mode 1?

Tweeted twitter.com/StackSecurity/status/1247902157308751878
Source Link
Mr_Mango
Mr_Mango
  • 103
  • 7

Importance of ASLR Mode 2

From what i understand, ASLR has 3 Modes:

  • 0 - turned off
  • 1 - randomizes stack, heap, shared libraries, vDSO, mmap memory area and text area (if built with -fPIE -pie)
  • 2 - additionally randomizes brk()-allocated memory, which comes, to my understanding, mostly from small malloc()-calls.

So my questions is, why is there an extra mode especially for brk()-allocated memory (if this is really all it does) and how important is it or rather when is it important to use Mode 2 of ASLR instead of Mode 1?