Aslr

Linux and ASLR: kernel/randomize_va_space

ASLR protects the Linux kernel and programs against different attacks. It can be tuned with the randomize_va_space setting to provide different protections.

Summary

Configuring ASLR with randomize_va_space

The Linux kernel has a defense mechanism named address space layout randomization (ASLR). This setting is tunable with the randomize_va_space setting. Before making changes to this setting, it is good to understand what this Linux security measure actually does and how it works.

Understanding ASLR

In 2001 the term ASLR was first introduced as a patch to the Linux kernel. Its main goal was to randomize memory segments to make abuse by malicious programs harder. A normal program consists of several components, which are loaded into memory and flagged with special properties. Some pieces of the program are executable bits, others are normal data. Before going into these properties, let’s first determine the main goal of a program. Simply said, it should have a start procedure, maintain itself, and finally end. For some programs this whole cycle can take milliseconds, others may take years to complete. It all depends on the program, its stability and how often a system is rebooted.