[geofft]

> is linux randomizing is per exec ?

Not entirely sure what you're meaning to ask, but yes, Linux does KASLR and tries very hard not to leak pointer addresses from the running kernel to unprivileged userspace:

https://lwn.net/Articles/569635/

It's been enabled by default since the upstream 4.12 kernel, and usually well before that in distros.

[_joel]

KALSR's not the same as ASLR (although ideologically related). ALSR has been around for a good number of years in userspace via randomize_va_space sysctl

(edit I presume that's what the poster above mentioned re: per exec)

[agumonkey]

yes ALSR, sorry, acronym fail on my part. So ALSR does randomize bindings on each execution ?

[majewsky]

Yes. If I run e.g. `ldd /bin/bash` multiple times, it shows different memory addresses each time. That's ASLR.

[strcat]

cat /proc/self/maps is a better way to see that. If it's built with PIE, the executable base is randomized. Some distributions use full ASLR across the board (Alpine, Android, ChromeOS, Hardened Gentoo) while others don't yet enable PIE globally or have only recently started and it isn't all pushed out yet (OpenSUSE, Fedora, Debian).

[language]

Also worth mentioning that `ldd` only demonstrates how shared libraries are mmap'ed at randomized locations. Stack and heap allocations are also randomized at execution time.

[agumonkey]

I never bothered to check, what a m... I am. Thanks a lot :)