GNU social JP
  • FAQ
  • Login
GNU social JPは日本のGNU socialサーバーです。
Usage/ToS/admin/test/Pleroma FE

  • Public

    • Public
    • Network
    • Groups
    • Featured
    • Popular
    • People

Conversation

Notices

  1. Embed this notice
    Haelwenn /элвэн/ :triskell: (lanodan@queer.hacktivis.me)'s status on Friday, 29-Mar-2024 07:26:21 JST Haelwenn /элвэн/ :triskell: Haelwenn /элвэн/ :triskell:
    @chjara Or like memory poisoning.

    inb4:
    - Nooo, my performance.
    - Well if you'd care about performance, you also wouldn't be duplicating lists/strings to make sublists/substrings all the time.
    In conversation about 8 months ago from queer.hacktivis.me permalink
    • Embed this notice
      niconiconi (niconiconi@mk.absturztau.be)'s status on Friday, 29-Mar-2024 08:18:59 JST niconiconi niconiconi
      in reply to

      @lanodan@queer.hacktivis.me @chjara@akko.wtf There are many well-known mitigation techniques, like memory poisoning, and have already existed for 10+ years. But many are very aggressive (to them, Linux is exploitable despite some mitigations because they're too half-assed). Meanwhile kernel developers don't like them and think they're either too invasive or too paranoid (e.g. In PaX, you must call pax_open_kernel() whenever you need to change a critical kernel data structure). Linus in particular, hates security people and think they're mostly impractical jerks.

      In conversation about 8 months ago permalink
      Haelwenn /элвэн/ :triskell: likes this.
    • Embed this notice
      niconiconi (niconiconi@mk.absturztau.be)'s status on Friday, 29-Mar-2024 08:32:44 JST niconiconi niconiconi
      in reply to

      @lanodan@queer.hacktivis.me @chjara@akko.wtf For the note, PaX supported zero-poison after free (PAX_MEMORY_SANITIZE) since the year 2010. But of course LKML and PaX Team hate each other so it took 7 years before the Google / Kees Cook gang pushed it for upstreaming.

      How it started: https://lwn.net/Articles/386706/
      How it is going: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1414c7f4f7d72d138fff35f00151d15749b5beda

      In conversation about 8 months ago permalink

      Attachments

      1. Domain not in remote thumbnail source whitelist: static.lwn.net
        PAX_MEMORY_SANITIZE [LWN.net]
      2. Domain not in remote thumbnail source whitelist: git.kernel.org
        mm/page_poisoning.c: allow for zero poisoning - kernel/git/torvalds/linux.git - Linux kernel source tree
      Haelwenn /элвэн/ :triskell: likes this.
    • Embed this notice
      Haelwenn /элвэн/ :triskell: (lanodan@queer.hacktivis.me)'s status on Friday, 29-Mar-2024 08:34:12 JST Haelwenn /элвэн/ :triskell: Haelwenn /элвэн/ :triskell:
      in reply to
      • niconiconi
      @niconiconi @chjara heh checked and I have CONFIG_PAGE_POISONING=y on my gentoo machines. ^^

      (tfw alpine doesn't have /proc/config.gz enabled so it's annoying to check)
      In conversation about 8 months ago permalink

Feeds

  • Activity Streams
  • RSS 2.0
  • Atom
  • Help
  • About
  • FAQ
  • TOS
  • Privacy
  • Source
  • Version
  • Contact

GNU social JP is a social network, courtesy of GNU social JP管理人. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.

Creative Commons Attribution 3.0 All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.