documentation-packages team mailing list archive
-
documentation-packages team
-
Mailing list archive
-
Message #03279
Re: [Bug 1912614] Re: kASLR incorrectly described as disabled by default in Security/Features
On Fri, Jan 22, 2021 at 01:09:13PM -0000, lo-na-aleim wrote:
> Sorry for reaching out in the wrong place. I guess the right place for this would have been the mailing list?
> I started from: https://wiki.ubuntu.com/DocumentationTeam/SystemDocumentation
Actually, thanks for this, I'll amend the script that emits the page to
suggest exactly this -- the mail list, #ubuntu-hardened on
irc.freenode.net, or https://discourse.ubuntu.com/c/security/33
> I guess someone techy enough to care about kASLR will be able to work
> with the Solutions provided by @crass here:
> https://askubuntu.com/questions/704640/how-to-detect-in-runtime-is-kaslr-enabled-or-disabled
> :)
Yes, it's detailed enough that it's bound to be useful for someone who
*really* wants to get into this. :)
Thanks
--
You received this bug notification because you are a member of
Documentation Packages, which is subscribed to ubuntu-docs in Ubuntu.
https://bugs.launchpad.net/bugs/1912614
Title:
kASLR incorrectly described as disabled by default in
Security/Features
Status in ubuntu-docs package in Ubuntu:
Fix Released
Bug description:
According to: https://wiki.ubuntu.com/Security/Features kASLR is disabled by default. Additionally,
it is reported that enabling kASLR will disable the ability to hibernate.
I think that this is no longer true, but I don't want to edit the wiki without clarifying some details.
I discovered the active kASRL when I spun up a qemu vm with Ubuntu 20.04, all defaults and ran volatility3 on a memory dump. On the vm itself the kernel params do not mention kASLR / Kernel hardening:
cat /proc/cmdline
BOOT_IMAGE=/boot/vmlinuz-5.4.0-58-generic root=UUID=eb6426f9-969b-4ce8-a690-ef87e410d5bf ro quiet splash vt.handoff=7
I also found this somewhere as a supposedly reliable way to tell if kASLR is on:
cat /proc/sys/kernel/randomize_va_space
2
I asked a colleague who runs his ubuntu 20.04 directly on his laptop
for his cmdline and randomize_va_space, same results. He said he did
not knowingly touch any settings regarding kASLR.
Now, it seems like at some point kASLR became on by default. But I am
not really sure whether it still affects hibernation? I can't find
anything reliable on the wiki. My colleague is not sure whether he
disabled hibernation for different reasons or whether it was disabled
in the first place and I don't want to use my vm as reference, since
its not necessarily a "typical environment".
Note, the answers here should be updated as well, since checking the
kernel params will no longer be reliable.
https://askubuntu.com/questions/704640/how-to-detect-in-runtime-is-
kaslr-enabled-or-disabled
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ubuntu-docs/+bug/1912614/+subscriptions
References