[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Preview: portable dumper

From: Paul Eggert
Subject: Re: Preview: portable dumper
Date: Tue, 29 Nov 2016 13:35:12 -0800
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.4.0

On 11/29/2016 01:19 PM, Daniel Colascione wrote:
Even*with*  a PIC Emacs (which I hope is the default, because ASLR
greatly improves security), we can get these savings if
mmap(BASE_ADDRESS_STORED_IN_DUMP, ...) succeeds and we can map the dump
where we want.  If we can't map the dump where we want, we'll just
relocate it.

Although your other advantages sound good, this one sounds worrisome. If Emacs maps the dump to the same place every time, we are giving up ASLR for the dump itself, and won't that pose a potential security risk? If so, perhaps it would be better to not mmap to the base address stored in the dump (unless we can determine that ASLR is not in use, I suppose).

reply via email to

[Prev in Thread] Current Thread [Next in Thread]