comex · Jun 21, 2017 · 3:43 AM UTC

comex @comex

21 Jun 2017

if I read between the lines of this @grsecurity post… PaX doesn’t have userland stack proving and thus isn’t immune, despite claim @ start?

comex · Jun 21, 2017 · 3:45 AM UTC

comex @comex

21 Jun 2017

(btw, I haven’t forgotten about what I said I’d do, and I will, but it’s demotivating to have to go look for leaks just to prove a point)

PaX Team · Jun 21, 2017 · 11:06 AM UTC

PaX Team · Jun 21, 2017 · 11:06 AM UTC

PaX Team @paxteam

21 Jun 2017

what leaks do you need? for spraying or content? if the latter, assume you know static addresses/content (vmlinux/modules).

Jun 21, 2017 · 11:06 AM UTC

comex · Jun 21, 2017 · 7:40 PM UTC

comex @comex

21 Jun 2017

by leaks I mean the commercial version of grsecurity

PaX Team · Jun 21, 2017 · 8:48 PM UTC

PaX Team @paxteam

21 Jun 2017

i believe babies need to take baby steps first, so cut your teeth on the public version that you promised a year ago already ;).