ASLR not enabled for Git for Windows executables #608
Labels
Comments
|
Hmpf. Would have been nice to clarify that acronym. And also how you found out that those executables do not use randomization. BTW
Yes. People wanting it have not contributed a patch enabling it 😜 |
|
GNU ld's ASLR support is currently broken: https://sourceware.org/bugzilla/show_bug.cgi?id=19011 |
|
@geraldcombs that bug says the defaults are insecure hence this bug. If you look at the ffmpeg patches there it just manually adds flags for aslr and such. |
|
@kostix thanks for spelling it out (I actually knew what it was, but I found it bad form to post an incomplete report). @ismail I would really love it if you could open a Pull Request that adds the respective settings to the |
dscho
added a commit
to dscho/git
that referenced
this issue
Jan 23, 2016
Address Space Layout Randomization (ASLR) allows executables' memory layout to change at random between runs, and therefore offers a quite decent protection against many attacks. We enable ASLR because MSYS2's C compiler offers support for ASLR, and whatever performance impact it has is neglible, according to https://insights.sei.cmu.edu/cert/2014/02/differences-between-aslr-on-windows-and-linux.html This merges the part of git-for-windows#612 that does not break Git ;-) This fixes git-for-windows#608 Signed-off-by: Johannes Schindelin <[email protected]>
dscho
added a commit
that referenced
this issue
Jan 28, 2016
Address Space Layout Randomization (ASLR) allows executables' memory layout to change at random between runs, and therefore offers a quite decent protection against many attacks. We enable ASLR because MSYS2's C compiler offers support for ASLR, and whatever performance impact it has is neglible, according to https://insights.sei.cmu.edu/cert/2014/02/differences-between-aslr-on-windows-and-linux.html This merges the part of #612 that does not break Git ;-) This fixes #608 Signed-off-by: Johannes Schindelin <[email protected]>
dscho
added a commit
that referenced
this issue
Feb 6, 2016
Address Space Layout Randomization (ASLR) allows executables' memory layout to change at random between runs, and therefore offers a quite decent protection against many attacks. We enable ASLR because MSYS2's C compiler offers support for ASLR, and whatever performance impact it has is neglible, according to https://insights.sei.cmu.edu/cert/2014/02/differences-between-aslr-on-windows-and-linux.html This merges the part of #612 that does not break Git ;-) This fixes #608 Signed-off-by: Johannes Schindelin <[email protected]>
dscho
added a commit
that referenced
this issue
Feb 23, 2016
Address Space Layout Randomization (ASLR) allows executables' memory layout to change at random between runs, and therefore offers a quite decent protection against many attacks. We enable ASLR because MSYS2's C compiler offers support for ASLR, and whatever performance impact it has is neglible, according to https://insights.sei.cmu.edu/cert/2014/02/differences-between-aslr-on-windows-and-linux.html This merges the part of #612 that does not break Git ;-) This fixes #608 Signed-off-by: Johannes Schindelin <[email protected]>
dscho
added a commit
that referenced
this issue
Mar 15, 2016
Address Space Layout Randomization (ASLR) allows executables' memory layout to change at random between runs, and therefore offers a quite decent protection against many attacks. We enable ASLR because MSYS2's C compiler offers support for ASLR, and whatever performance impact it has is neglible, according to https://insights.sei.cmu.edu/cert/2014/02/differences-between-aslr-on-windows-and-linux.html This merges the part of #612 that does not break Git ;-) This fixes #608 Signed-off-by: Johannes Schindelin <[email protected]>
dscho
added a commit
that referenced
this issue
Mar 18, 2016
Address Space Layout Randomization (ASLR) allows executables' memory layout to change at random between runs, and therefore offers a quite decent protection against many attacks. We enable ASLR because MSYS2's C compiler offers support for ASLR, and whatever performance impact it has is neglible, according to https://insights.sei.cmu.edu/cert/2014/02/differences-between-aslr-on-windows-and-linux.html This merges the part of #612 that does not break Git ;-) This fixes #608 Signed-off-by: Johannes Schindelin <[email protected]>
dscho
added a commit
that referenced
this issue
Mar 29, 2016
Address Space Layout Randomization (ASLR) allows executables' memory layout to change at random between runs, and therefore offers a quite decent protection against many attacks. We enable ASLR because MSYS2's C compiler offers support for ASLR, and whatever performance impact it has is neglible, according to https://insights.sei.cmu.edu/cert/2014/02/differences-between-aslr-on-windows-and-linux.html This merges the part of #612 that does not break Git ;-) This fixes #608 Signed-off-by: Johannes Schindelin <[email protected]>
dscho
added a commit
that referenced
this issue
Apr 4, 2016
Address Space Layout Randomization (ASLR) allows executables' memory layout to change at random between runs, and therefore offers a quite decent protection against many attacks. We enable ASLR because MSYS2's C compiler offers support for ASLR, and whatever performance impact it has is neglible, according to https://insights.sei.cmu.edu/cert/2014/02/differences-between-aslr-on-windows-and-linux.html This merges the part of #612 that does not break Git ;-) This fixes #608 Signed-off-by: Johannes Schindelin <[email protected]>
dscho
added a commit
that referenced
this issue
Apr 30, 2016
Address Space Layout Randomization (ASLR) allows executables' memory layout to change at random between runs, and therefore offers a quite decent protection against many attacks. We enable ASLR because MSYS2's C compiler offers support for ASLR, and whatever performance impact it has is neglible, according to https://insights.sei.cmu.edu/cert/2014/02/differences-between-aslr-on-windows-and-linux.html This merges the part of #612 that does not break Git ;-) This fixes #608 Signed-off-by: Johannes Schindelin <[email protected]>
dscho
added a commit
that referenced
this issue
May 20, 2016
Address Space Layout Randomization (ASLR) allows executables' memory layout to change at random between runs, and therefore offers a quite decent protection against many attacks. We enable ASLR because MSYS2's C compiler offers support for ASLR, and whatever performance impact it has is neglible, according to https://insights.sei.cmu.edu/cert/2014/02/differences-between-aslr-on-windows-and-linux.html This merges the part of #612 that does not break Git ;-) This fixes #608 Signed-off-by: Johannes Schindelin <[email protected]>
dscho
added a commit
to dscho/git
that referenced
this issue
May 27, 2016
Address Space Layout Randomization (ASLR) allows executables' memory layout to change at random between runs, and therefore offers a quite decent protection against many attacks. We enable ASLR because MSYS2's C compiler offers support for ASLR, and whatever performance impact it has is neglible, according to https://insights.sei.cmu.edu/cert/2014/02/differences-between-aslr-on-windows-and-linux.html This merges the part of git-for-windows#612 that does not break Git ;-) This fixes git-for-windows#608 Signed-off-by: Johannes Schindelin <[email protected]>
dscho
added a commit
that referenced
this issue
Jun 7, 2016
Address Space Layout Randomization (ASLR) allows executables' memory layout to change at random between runs, and therefore offers a quite decent protection against many attacks. We enable ASLR because MSYS2's C compiler offers support for ASLR, and whatever performance impact it has is neglible, according to https://insights.sei.cmu.edu/cert/2014/02/differences-between-aslr-on-windows-and-linux.html This merges the part of #612 that does not break Git ;-) This fixes #608 Signed-off-by: Johannes Schindelin <[email protected]>
dscho
added a commit
that referenced
this issue
Jun 9, 2016
Address Space Layout Randomization (ASLR) allows executables' memory layout to change at random between runs, and therefore offers a quite decent protection against many attacks. We enable ASLR because MSYS2's C compiler offers support for ASLR, and whatever performance impact it has is neglible, according to https://insights.sei.cmu.edu/cert/2014/02/differences-between-aslr-on-windows-and-linux.html This merges the part of #612 that does not break Git ;-) This fixes #608 Signed-off-by: Johannes Schindelin <[email protected]>
dscho
added a commit
that referenced
this issue
Jun 9, 2016
Address Space Layout Randomization (ASLR) allows executables' memory layout to change at random between runs, and therefore offers a quite decent protection against many attacks. We enable ASLR because MSYS2's C compiler offers support for ASLR, and whatever performance impact it has is neglible, according to https://insights.sei.cmu.edu/cert/2014/02/differences-between-aslr-on-windows-and-linux.html This merges the part of #612 that does not break Git ;-) This fixes #608 Signed-off-by: Johannes Schindelin <[email protected]>
dscho
added a commit
that referenced
this issue
Jun 9, 2016
Address Space Layout Randomization (ASLR) allows executables' memory layout to change at random between runs, and therefore offers a quite decent protection against many attacks. We enable ASLR because MSYS2's C compiler offers support for ASLR, and whatever performance impact it has is neglible, according to https://insights.sei.cmu.edu/cert/2014/02/differences-between-aslr-on-windows-and-linux.html This merges the part of #612 that does not break Git ;-) This fixes #608 Signed-off-by: Johannes Schindelin <[email protected]>
git-for-windows-ci
pushed a commit
that referenced
this issue
May 8, 2019
Address Space Layout Randomization (ASLR) allows executables' memory layout to change at random between runs, and therefore offers a quite decent protection against many attacks. We enable ASLR because MSYS2's C compiler offers support for ASLR, and whatever performance impact it has is neglible, according to https://insights.sei.cmu.edu/cert/2014/02/differences-between-aslr-on-windows-and-linux.html This merges the part of #612 that does not break Git ;-) This fixes #608 Signed-off-by: Johannes Schindelin <[email protected]>
dscho
added a commit
that referenced
this issue
May 8, 2019
Address Space Layout Randomization (ASLR) allows executables' memory layout to change at random between runs, and therefore offers a quite decent protection against many attacks. We enable ASLR because MSYS2's C compiler offers support for ASLR, and whatever performance impact it has is neglible, according to https://insights.sei.cmu.edu/cert/2014/02/differences-between-aslr-on-windows-and-linux.html This merges the part of #612 that does not break Git ;-) This fixes #608 Signed-off-by: Johannes Schindelin <[email protected]>
dscho
added a commit
that referenced
this issue
May 9, 2019
Address Space Layout Randomization (ASLR) allows executables' memory layout to change at random between runs, and therefore offers a quite decent protection against many attacks. We enable ASLR because MSYS2's C compiler offers support for ASLR, and whatever performance impact it has is neglible, according to https://insights.sei.cmu.edu/cert/2014/02/differences-between-aslr-on-windows-and-linux.html This merges the part of #612 that does not break Git ;-) This fixes #608 Signed-off-by: Johannes Schindelin <[email protected]>
dscho
added a commit
that referenced
this issue
May 9, 2019
Address Space Layout Randomization (ASLR) allows executables' memory layout to change at random between runs, and therefore offers a quite decent protection against many attacks. We enable ASLR because MSYS2's C compiler offers support for ASLR, and whatever performance impact it has is neglible, according to https://insights.sei.cmu.edu/cert/2014/02/differences-between-aslr-on-windows-and-linux.html This merges the part of #612 that does not break Git ;-) This fixes #608 Signed-off-by: Johannes Schindelin <[email protected]>
dscho
added a commit
that referenced
this issue
May 9, 2019
Address Space Layout Randomization (ASLR) allows executables' memory layout to change at random between runs, and therefore offers a quite decent protection against many attacks. We enable ASLR because MSYS2's C compiler offers support for ASLR, and whatever performance impact it has is neglible, according to https://insights.sei.cmu.edu/cert/2014/02/differences-between-aslr-on-windows-and-linux.html This merges the part of #612 that does not break Git ;-) This fixes #608 Signed-off-by: Johannes Schindelin <[email protected]>
git-for-windows-ci
pushed a commit
that referenced
this issue
May 9, 2019
Address Space Layout Randomization (ASLR) allows executables' memory layout to change at random between runs, and therefore offers a quite decent protection against many attacks. We enable ASLR because MSYS2's C compiler offers support for ASLR, and whatever performance impact it has is neglible, according to https://insights.sei.cmu.edu/cert/2014/02/differences-between-aslr-on-windows-and-linux.html This merges the part of #612 that does not break Git ;-) This fixes #608 Signed-off-by: Johannes Schindelin <[email protected]>
dscho
added a commit
that referenced
this issue
May 10, 2019
Address Space Layout Randomization (ASLR) allows executables' memory layout to change at random between runs, and therefore offers a quite decent protection against many attacks. We enable ASLR because MSYS2's C compiler offers support for ASLR, and whatever performance impact it has is neglible, according to https://insights.sei.cmu.edu/cert/2014/02/differences-between-aslr-on-windows-and-linux.html This merges the part of #612 that does not break Git ;-) This fixes #608 Signed-off-by: Johannes Schindelin <[email protected]>
dscho
added a commit
that referenced
this issue
May 10, 2019
Address Space Layout Randomization (ASLR) allows executables' memory layout to change at random between runs, and therefore offers a quite decent protection against many attacks. We enable ASLR because MSYS2's C compiler offers support for ASLR, and whatever performance impact it has is neglible, according to https://insights.sei.cmu.edu/cert/2014/02/differences-between-aslr-on-windows-and-linux.html This merges the part of #612 that does not break Git ;-) This fixes #608 Signed-off-by: Johannes Schindelin <[email protected]>
dscho
added a commit
that referenced
this issue
May 10, 2019
Address Space Layout Randomization (ASLR) allows executables' memory layout to change at random between runs, and therefore offers a quite decent protection against many attacks. We enable ASLR because MSYS2's C compiler offers support for ASLR, and whatever performance impact it has is neglible, according to https://insights.sei.cmu.edu/cert/2014/02/differences-between-aslr-on-windows-and-linux.html This merges the part of #612 that does not break Git ;-) This fixes #608 Signed-off-by: Johannes Schindelin <[email protected]>
git-for-windows-ci
pushed a commit
that referenced
this issue
May 10, 2019
Address Space Layout Randomization (ASLR) allows executables' memory layout to change at random between runs, and therefore offers a quite decent protection against many attacks. We enable ASLR because MSYS2's C compiler offers support for ASLR, and whatever performance impact it has is neglible, according to https://insights.sei.cmu.edu/cert/2014/02/differences-between-aslr-on-windows-and-linux.html This merges the part of #612 that does not break Git ;-) This fixes #608 Signed-off-by: Johannes Schindelin <[email protected]>
git-for-windows-ci
pushed a commit
that referenced
this issue
May 10, 2019
Address Space Layout Randomization (ASLR) allows executables' memory layout to change at random between runs, and therefore offers a quite decent protection against many attacks. We enable ASLR because MSYS2's C compiler offers support for ASLR, and whatever performance impact it has is neglible, according to https://insights.sei.cmu.edu/cert/2014/02/differences-between-aslr-on-windows-and-linux.html This merges the part of #612 that does not break Git ;-) This fixes #608 Signed-off-by: Johannes Schindelin <[email protected]>
git-for-windows-ci
pushed a commit
that referenced
this issue
May 10, 2019
Address Space Layout Randomization (ASLR) allows executables' memory layout to change at random between runs, and therefore offers a quite decent protection against many attacks. We enable ASLR because MSYS2's C compiler offers support for ASLR, and whatever performance impact it has is neglible, according to https://insights.sei.cmu.edu/cert/2014/02/differences-between-aslr-on-windows-and-linux.html This merges the part of #612 that does not break Git ;-) This fixes #608 Signed-off-by: Johannes Schindelin <[email protected]>
dscho
added a commit
that referenced
this issue
May 13, 2019
Address Space Layout Randomization (ASLR) allows executables' memory layout to change at random between runs, and therefore offers a quite decent protection against many attacks. We enable ASLR because MSYS2's C compiler offers support for ASLR, and whatever performance impact it has is neglible, according to https://insights.sei.cmu.edu/cert/2014/02/differences-between-aslr-on-windows-and-linux.html This merges the part of #612 that does not break Git ;-) This fixes #608 Signed-off-by: Johannes Schindelin <[email protected]>
dscho
added a commit
to dscho/git
that referenced
this issue
May 13, 2019
Address Space Layout Randomization (ASLR) allows executables' memory layout to change at random between runs, and therefore offers a quite decent protection against many attacks. We enable ASLR because MSYS2's C compiler offers support for ASLR, and whatever performance impact it has is neglible, according to https://insights.sei.cmu.edu/cert/2014/02/differences-between-aslr-on-windows-and-linux.html This merges the part of git-for-windows#612 that does not break Git ;-) This fixes git-for-windows#608 Signed-off-by: Johannes Schindelin <[email protected]>
dscho
added a commit
to dscho/git
that referenced
this issue
May 13, 2019
Address Space Layout Randomization (ASLR) allows executables' memory layout to change at random between runs, and therefore offers a quite decent protection against many attacks. We enable ASLR because MSYS2's C compiler offers support for ASLR, and whatever performance impact it has is neglible, according to https://insights.sei.cmu.edu/cert/2014/02/differences-between-aslr-on-windows-and-linux.html This merges the part of git-for-windows#612 that does not break Git ;-) This fixes git-for-windows#608 Signed-off-by: Johannes Schindelin <[email protected]>
git-for-windows-ci
pushed a commit
that referenced
this issue
May 14, 2019
Address Space Layout Randomization (ASLR) allows executables' memory layout to change at random between runs, and therefore offers a quite decent protection against many attacks. We enable ASLR because MSYS2's C compiler offers support for ASLR, and whatever performance impact it has is neglible, according to https://insights.sei.cmu.edu/cert/2014/02/differences-between-aslr-on-windows-and-linux.html This merges the part of #612 that does not break Git ;-) This fixes #608 Signed-off-by: Johannes Schindelin <[email protected]>
dscho
added a commit
that referenced
this issue
May 14, 2019
Address Space Layout Randomization (ASLR) allows executables' memory layout to change at random between runs, and therefore offers a quite decent protection against many attacks. We enable ASLR because MSYS2's C compiler offers support for ASLR, and whatever performance impact it has is neglible, according to https://insights.sei.cmu.edu/cert/2014/02/differences-between-aslr-on-windows-and-linux.html This merges the part of #612 that does not break Git ;-) This fixes #608 Signed-off-by: Johannes Schindelin <[email protected]>
dscho
added a commit
that referenced
this issue
May 21, 2019
Address Space Layout Randomization (ASLR) allows executables' memory layout to change at random between runs, and therefore offers a quite decent protection against many attacks. We enable ASLR because MSYS2's C compiler offers support for ASLR, and whatever performance impact it has is neglible, according to https://insights.sei.cmu.edu/cert/2014/02/differences-between-aslr-on-windows-and-linux.html This merges the part of #612 that does not break Git ;-) This fixes #608 Signed-off-by: Johannes Schindelin <[email protected]>
dscho
added a commit
that referenced
this issue
May 22, 2019
Address Space Layout Randomization (ASLR) allows executables' memory layout to change at random between runs, and therefore offers a quite decent protection against many attacks. We enable ASLR because MSYS2's C compiler offers support for ASLR, and whatever performance impact it has is neglible, according to https://insights.sei.cmu.edu/cert/2014/02/differences-between-aslr-on-windows-and-linux.html This merges the part of #612 that does not break Git ;-) This fixes #608 Signed-off-by: Johannes Schindelin <[email protected]>
dscho
added a commit
that referenced
this issue
May 25, 2019
Address Space Layout Randomization (ASLR) allows executables' memory layout to change at random between runs, and therefore offers a quite decent protection against many attacks. We enable ASLR because MSYS2's C compiler offers support for ASLR, and whatever performance impact it has is neglible, according to https://insights.sei.cmu.edu/cert/2014/02/differences-between-aslr-on-windows-and-linux.html This merges the part of #612 that does not break Git ;-) This fixes #608 Signed-off-by: Johannes Schindelin <[email protected]>
dscho
added a commit
that referenced
this issue
Jun 4, 2019
Address Space Layout Randomization (ASLR) allows executables' memory layout to change at random between runs, and therefore offers a quite decent protection against many attacks. We enable ASLR because MSYS2's C compiler offers support for ASLR, and whatever performance impact it has is neglible, according to https://insights.sei.cmu.edu/cert/2014/02/differences-between-aslr-on-windows-and-linux.html This merges the part of #612 that does not break Git ;-) This fixes #608 Signed-off-by: Johannes Schindelin <[email protected]>
dscho
added a commit
that referenced
this issue
Jun 8, 2019
Address Space Layout Randomization (ASLR) allows executables' memory layout to change at random between runs, and therefore offers a quite decent protection against many attacks. We enable ASLR because MSYS2's C compiler offers support for ASLR, and whatever performance impact it has is neglible, according to https://insights.sei.cmu.edu/cert/2014/02/differences-between-aslr-on-windows-and-linux.html This merges the part of #612 that does not break Git ;-) This fixes #608 Signed-off-by: Johannes Schindelin <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
It seems most of the executables of Git for Windows didn't have ASLR enabled, such as git-bash.exe, git-cmd.exe, unins000.exe, bin/bash.exe, bin/git.exe, bin/sh.exe, etc. Are there any reasons for not enabling ASLR for these files?
Version: 2.6.3.windows.1
The text was updated successfully, but these errors were encountered: