GNU social JP
  • FAQ
  • Login
GNU social JPは日本のGNU socialサーバーです。
Usage/ToS/admin/test/Pleroma FE
  • Public

    • Public
    • Network
    • Groups
    • Featured
    • Popular
    • People

Embed Notice

HTML Code

Corresponding Notice

  1. Embed this notice
    Hélène (helene@p.helene.moe)'s status on Wednesday, 21-Sep-2022 23:58:43 JSTHélèneHélène
    in reply to
    • Sexy Moon
    • inference
    • feld
    @feld @inference @Moon ASLR can help against a handful of exploits and usually requires a way to bypass it (ROPchains basically stop working if the code is ASLR'd, so you need a leak + a way to generate the ROPchain after that leak, which usually implies Turing completeness is needed to do math and prepare the exploit, etc)
    fake vtables end up suffering from the same problem, heap funnies become a real pain, UAFs are less powerful on their own, etc...
    it's really not a useless mitigation, but it really has to be done right, and it almost never is because there's almost always a range of predictable or statically adressed memory on Unix/Win32 systems; they weren't designed with that in mind from the ground up and they prefer to keep backwards compatibility
    In conversationWednesday, 21-Sep-2022 23:58:43 JST from p.helene.moepermalink
  • Help
  • About
  • FAQ
  • TOS
  • Privacy
  • Source
  • Version
  • Contact

GNU social JP is a social network, courtesy of GNU social JP管理人. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.

Creative Commons Attribution 3.0 All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.