[ubuntu-hardened] KASLR: enabling on x86 with "kaslr" option via '/etc/default/grub' file.
sidetripping at gmail.com
Wed Aug 2 19:16:21 UTC 2017
>> Aww, thanks Daniel :D Very kind of you to say so.
>> It's always a pleasure.
Seth, but that's true! In some way, you're teaching me by your answers. So
once again: thank You very, very much.
>> I debated about writing "ASLR for applications" and "KASLR"
>> but wanted to draw the distinction that it's ASLR for both
>> but ASLR for applications is more useful than ASLR for kernels.
OK, I understand. So I'll use KASLR even if it's not magic.
Hi Mr Kees Cook
Firstly, I want to thank You for your job to make a Linux secure by
default. I hope You will not give up, because of various pressures: hard
work, more work and so on.
>> One additional note here is that Linux kernel v4.8 and later
>> has CONFIG_RANDOMIZE_MEMORY which shuffles where
>> a number of memory sections live in memory at each boot too
Thanks for an information. I'm preparing to install HWE kernel on 16.04 LTS
Release. I think, that v4.10 is now available (linux-hwe.) As an example,
the 16.04.2 point release, would have v4.8 based kernel. However, I'm using
16.04.3 right now, so it will be definitely v4.10.
Personally, I'm waiting for a newer, hardened versions with new security
features such as GCC plugins and many, many more.
Thanks, best regards.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the ubuntu-hardened