Re: [Axiom-developer] Re: [Gcl-devel] [Re: Executable memory: further programs that fail]

[root]

>Just wanted to point out here that a randomization of this magnitude,
>even if gcl can work around it, could potentially result in a loss of
>100M in usable memory on each save-system.  I think axiom currently
>uses about 4 of these.  The default memory maximum for GCL is only
>128M.  Count me among the elders :-).

Is there any way to get GCL to use all available memory? Fedora will
let you address 4G so Roland doesn't understand why I cry about 100M.

>If you recall, static linking was broken even without exec-shield.  I
>think if brk randomization remains at the above mentioned range, we
>would probably fall back on Roland's linker script solution, if I
>understand correctly. 

I don't understand Roland's linker solution.

>OK, your understanding is considerably deeper than mine on this
>issue.  Even granting some security benefit, though, I don't see why
>the range can't be quite small and still be effective.  How long would
>it take someone to guess a randomly generated address in even a 1k
>range? 

The issue is the same at 1k vs 100M but the latter sounds so much more
secure :-)

Tim