Am 11.04.2013 19:52, schrieb Björn Persson:
Richard W.M. Jones wrote:
> On Thu, Apr 11, 2013 at 05:19:46PM +0200, Miloslav Trmač wrote:
>> With the current setup, we get "mutating ASLR" when compiled as PIE,
>
> Surely ... you get "mutating ASLR" only when compiled as PIE
> *and* the server process restarts itself between each connection or at
> least on a regular basis (ie. it's a forking or pre-forking server, or
> the server is started on each connection by inetd/systemd)?
Or it crashes and gets restarted every time the attacker fails to guess
the addresses
which is exactly the goal ASLR is desigend for