aslr is not disabled

Question

aslr is not disabled

Opened this issue 4 years ago · 5 comments

Hi man :)
I love the work you did here !
but just to let you know ! you can't just disable ASRL from within the docker ! even when you are running with --privileged

simple test script :

#include <stdlib.h>

void foo(){}

int main(int argc, char *argv[]){
    int y;
    char *x = (char *) malloc(128);

    printf("Library functions: %08x, Heap: %08x, Stack: %08x, Binary: %08x\n",
           &malloc, x, &y, &foo);
}

output :

Library functions: f7e25c30, Heap: 565bb160, Stack: ffd374a4, Binary: 565785ad
root@0beb4a114a2f:/tmp# ./test
Library functions: f7e2cc30, Heap: 56749160, Stack: ffb60094, Binary: 565955ad
root@0beb4a114a2f:/tmp# ./test
Library functions: f7df2c30, Heap: 579a7160, Stack: ffb041d4, Binary: 566465ad

Answer 1 · 2020-12-23T18:43:29.000Z

Yes actually its possible I think because it worked for me. I updated the dockerfile and it worked - #2

Answer 2 · 2020-12-24T11:15:51.000Z

@Souptik2001 can you try using the C program I mention above and share the results here ?

Answer 3 · 2020-12-24T13:35:00.000Z

Ok here is a screenshot of the output. ESP is same every time :

You can also check the value of the "/proc/sys/kernel/randomize_va_space" file its 0.

Answer 4 · 2020-12-24T15:27:55.000Z

@Souptik2001 are you sure that ASLR is not disabled on your host system ?

Answer 5 · 2020-12-29T13:21:17.000Z

Oh, Yes ASLR on my host system is getting disabled or enabled as soon as I am enabling or disabling it on the container. I am able to change the ASLR value but it is also affecting my host system.
I turned on aslr on my host system and started the container and as soon as the CMD ran on the Dockerfile it also disabled the ASLR on my host system...I am not really getting this that how am I able to control the aslr value of the host from the container. I have to look into this a bit.