On Tue, Nov 28, 2017 at 06:32:51PM +0100, leo_...@volny.cz wrote:
> Hi,
>
> theo wrote:
> > And, we have focused on never reusing an address space after a crash,
> > by designing software to use fork+exec.
>
> I'm not sure I understand this point?
>
> --schaafuit.
The original way of doing a networked daemon is: daemon listens and forks on accept(2). Consequence: child has the same layout as the parent. An extra exec solves this, since the layout of the child will then be different.

When an attacker tries to exploit e.g. an overflow, the child is likely to crash, but the next attempt after a crash of the child will find a new address layout, making it harder to re-use information gathered in the previous attempt.

-Otto
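The fork-only versus fork+exec difference Otto describes, as an added example that is not part of the thread: a forked child reports the address of a function and it matches the parent's, while two exec'd children (via popen) show different stack placements. It assumes Linux with /proc mounted; the second check only reports 1 when ASLR is enabled.

```c
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/wait.h>

/* Child side of the fork-only case: send the address of this function
 * back to the parent. A forked child is a copy, so the address matches. */
static void child_report(int fd) {
    void *addr = (void *)&child_report;
    if (write(fd, &addr, sizeof addr) != (ssize_t)sizeof addr) _exit(1);
    _exit(0);
}

/* fork() without exec: returns 1 if the child saw child_report at the
 * parent's address, 0 if not, -1 on error. */
int fork_only_same_layout(void) {
    int p[2]; void *seen = NULL;
    if (pipe(p) == -1) return -1;
    pid_t pid = fork();
    if (pid == -1) return -1;
    if (pid == 0) { close(p[0]); child_report(p[1]); }
    close(p[1]);
    if (read(p[0], &seen, sizeof seen) != (ssize_t)sizeof seen) seen = NULL;
    close(p[0]);
    waitpid(pid, NULL, 0);
    return seen == (void *)&child_report;
}

/* fork()+exec: popen() runs "cat /proc/self/maps" in a freshly exec'd
 * process; copy out the [stack] mapping line of that child. */
static int exec_stack_line(char *out, size_t n) {
    FILE *f = popen("cat /proc/self/maps", "r");
    char line[256]; int found = 0;
    if (!f) return 0;
    while (fgets(line, sizeof line, f))
        if (strstr(line, "[stack]")) { snprintf(out, n, "%s", line); found = 1; }
    pclose(f);
    return found;
}

/* Returns 1 if two exec'd children got different stack addresses (ASLR gave
 * each a new layout), 0 if identical (e.g. ASLR disabled), -1 on read error. */
int fork_exec_new_layout(void) {
    char a[256], b[256];
    if (!exec_stack_line(a, sizeof a) || !exec_stack_line(b, sizeof b)) return -1;
    return strcmp(a, b) != 0;
}

int main(void) {
    printf("fork only, same layout: %d\n", fork_only_same_layout());
    printf("fork+exec, new layout:  %d\n", fork_exec_new_layout());
    return 0;
}
```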