From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 70054 invoked by alias); 18 Feb 2018 22:40:40 -0000 Mailing-List: contact cygwin-help@cygwin.com; run by ezmlm Precedence: bulk List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner@cygwin.com Mail-Followup-To: cygwin@cygwin.com Received: (qmail 68231 invoked by uid 89); 18 Feb 2018 22:40:34 -0000 Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-1.8 required=5.0 tests=AWL,BAYES_00,KAM_LAZY_DOMAIN_SECURITY,RCVD_IN_DNSWL_LOW autolearn=no version=3.3.2 spammy=UD:blogs.technet.microsoft.com, blogs.technet.microsoft.com, clarifying-the-behavior-of-mandatory-aslr, blogstechnetmicrosoftcom X-HELO: smtp-out-so.shaw.ca Received: from smtp-out-so.shaw.ca (HELO smtp-out-so.shaw.ca) (64.59.136.139) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with ESMTP; Sun, 18 Feb 2018 22:40:32 +0000 Received: from [192.168.1.100] ([24.64.240.204]) by shaw.ca with ESMTP id nXdGe8QZWJZWxnXdHeRZjW; Sun, 18 Feb 2018 15:40:31 -0700 X-Authority-Analysis: v=2.3 cv=D6Jp1MZj c=1 sm=1 tr=0 a=MVEHjbUiAHxQW0jfcDq5EA==:117 a=MVEHjbUiAHxQW0jfcDq5EA==:17 a=N659UExz7-8A:10 a=yMhMjlubAAAA:8 a=kwXqROGhxwQWYeLZ31EA:9 a=pILNOxqGKmIA:10 Reply-To: Brian.Inglis@SystematicSw.ab.ca Subject: Re: W10 Mandatory ASLR default To: cygwin@cygwin.com References: <8297ddf5-5d06-c2b1-526b-16ca311749aa@ferzkopp.net> <20180212164945.GA2361@jbsupah> <890bb1f3-65b3-b9d8-fdaa-bb148cce4163@towo.net> <327030c8-7dfa-8e57-eb70-45e890f8aac2@SystematicSw.ab.ca> <87bmgmf4e5.fsf@Rainer.invalid> From: Brian Inglis Message-ID: Date: Sun, 18 Feb 2018 22:40:00 -0000 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.6.0 MIME-Version: 1.0 In-Reply-To: <87bmgmf4e5.fsf@Rainer.invalid> Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: 7bit X-CMAE-Envelope: MS4wfBqNRJ1BV+XoNX0KLOFUh/YgMy2nCjTKLh4UZxR9Bf/mZ9AZ7+uyHTFU63Pc3YOOVYIBNfM9X2CvbzG2wtt0lkBZ9YWbmaUzWAVnKzJyq0rfZTKah6kn ZxSLZ47fA8xuXHvYtY1BXFG56Nj05lRJ3JFHETAeWkTjmbe6hTTh5CCiKcFrS4ycAFE8yuB0MluXqA== X-IsSubscribed: yes X-SW-Source: 2018-02/txt/msg00201.txt.bz2 On 2018-02-18 13:07, Achim Gratz wrote: > Brian Inglis writes: >> Could setup be updated to reset Mandatory ASLR if the reg keys exist, or an >> /etc/postinstall/[0z]p_disable_mandatory_aslr.sh script do a check and reset? > > Both methods would likely be considered hostile by those who are most > likely set these keys and in fact I'd expect them to be re-set by group > policy even if they were changeable in any corporate environment. Note > that forcing mandatory ASLR on non-ASLR-aware executables is not the > default on Windows 10, although beta-testers might have got pushed such > a setting, based on what was reported here and elsewhere. Anyone who > sets this option on his own box without understanding what it really > does gets to keep the broken pieces. My concern is for those who do not set it themselves or are unaware of the impact on Cygwin. Cygwin does not set dynamic base in exes and dlls, so should not be affected unless Mandatory ASLR is set: https://blogs.technet.microsoft.com/srd/2017/11/21/clarifying-the-behavior-of-mandatory-aslr/ W7 EMET and EoL 2018 July - upgrade for any future patches: https://technet.microsoft.com/en-us/security/jj653751 I'll be watching carefully after my next W10 Home standard restart, to see if it changes as part of Spectre/Meltdown mitigation. -- Take care. Thanks, Brian Inglis, Calgary, Alberta, Canada -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple