Disable and re-enable address space layout randomization only for myself
Solution 1
The documentation for the randomize_va_space sysctl setting is in Documentation/sysctl/kernel.txt in the kernel source tree. Basically,
0 - Turn the process address space randomization off.
1 - Make the addresses of mmap base, stack and VDSO page randomized.
2 - Additionally enable heap randomization.
Solution 2
The best way to disable ASLR locally on a Linux-based system is to use process personality flags. The command to manipulate personality flags is setarch with
-R, --addr-no-randomize
Disables randomization of the virtual address space (turns on ADDR_NO_RANDOMIZE).
Here is how to proceed:
$> setarch $(uname -m) -R /bin/bash
This command runs a shell in which ASLR has been disabled. All descendants of this process inherit the personality flags of the parent and thus also have ASLR disabled. The only way to break the inheritance of the flags would be to call a setuid program (it would be a security breach to support such a feature).
Note that uname -m is there so as not to hard-code the architecture of your platform, which makes the command portable.
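As an added example (not code from the answer above or from setarch), the following C program shows the mechanism the answer relies on: it reads the global randomize_va_space sysctl, queries this process's persona with personality(2), and, when started with the example's own --no-randomize flag, sets ADDR_NO_RANDOMIZE and re-executes itself, which is what setarch -R does. The helper names and the --no-randomize flag are this example's own inventions.

```c
#define _GNU_SOURCE
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/personality.h>

/* Global knob from Solution 1: returns 0, 1 or 2, or -1 if /proc/sys is unreadable. */
int read_randomize_va_space(void)
{
    FILE *f = fopen("/proc/sys/kernel/randomize_va_space", "r");
    int level = -1;
    if (f) {
        if (fscanf(f, "%d", &level) != 1) level = -1;
        fclose(f);
    }
    return level;
}
/* Pure helper: does a persona word carry the ADDR_NO_RANDOMIZE flag? */
int persona_disables_aslr(unsigned long persona)
{
    return (persona & ADDR_NO_RANDOMIZE) != 0;
}
/* Query this process's persona without changing it (0xffffffff is the query value). */
long query_persona(void) { return personality(0xffffffff); }
/* The per-process flag wins over the sysctl: setarch -R works while the sysctl stays 2. */
int aslr_effectively_disabled(void)
{
    long p = query_persona();
    if (p != -1 && persona_disables_aslr((unsigned long)p))
        return 1;
    return read_randomize_va_space() == 0;
}

int main(int argc, char **argv)
{
    int on_stack; static int in_data;   /* one stack and one image address to compare */
    /* "--no-randomize" (this example's flag) does what setarch -R does: set the flag, re-exec. */
    if (argc > 1 && !strcmp(argv[1], "--no-randomize") && !persona_disables_aslr(query_persona())) {
        if (personality(query_persona() | ADDR_NO_RANDOMIZE) == -1)
            return perror("personality (EPERM under a strict seccomp profile?)"), 1;
        execv("/proc/self/exe", argv);
        return perror("execv"), 1;
    }
    printf("randomize_va_space=%d, ASLR off for this process: %s\n",
           read_randomize_va_space(), aslr_effectively_disabled() ? "yes" : "no");
    printf("stack=%p data=%p\n", (void *)&on_stack, (void *)&in_data); /* repeats only with the flag */
    return 0;
}
```

Run the binary twice plainly, twice with --no-randomize, and once under setarch $(uname -m) -R: the "ASLR off" line flips and the printed addresses stop changing only in the flagged runs, while the sysctl value stays at 2 throughout.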
Comments
- Amittai Aviram (almost 2 years): I would like to disable address space layout randomization (ASLR) on my system (Ubuntu Gnu/Linux 2.6.32-41-server), but, if I use
sysctl -w kernel.randomize_va_space=0
the change would affect all users on the system, I presume. (Is this true?) How can I limit the effects of disabling ASLR to myself as a user only, or only to the shell session in which I invoke the command to disable? BTW, I see that my system's current (default) setting is
kernel.randomize_va_space = 2
Why 2 and not 1 or 3? Where can I find documentation about the numerical values of /proc/sys settings, their ranges, and their meanings? Thanks!
- Admin (over 10 years): gcc.gnu.org/wiki/Randomization says that
setarch $(uname -m) -RL bash
must work
- Ciro Santilli OurBigBook.com (almost 9 years):
- Amittai Aviram (almost 12 years): Thanks! That does address my second ("BTW") question above, but I still don't see a way to restrict the effect of sysctl to a single account or shell session. I guess it must be impossible. :-/
- newpxsn (almost 12 years): Yes, the setting is global. A quick grep shows that there is some (maybe vestigial) code in the "personality" code (handling multiple ABIs) that can do the converse. Setting the ADDR_NO_RANDOMIZE flag on the personality field of a task_struct will disable the behavior even when it is globally enabled. But that's probably more kernel voodoo than you want to deal with.