i poked lkml, and here is what i got:
Arjan van de Ven wrote:
> On Sat, 2007-01-20 at 17:37 +0300, Samium Gromoff wrote:
> > This patch removes the dropping of ADDR_NO_RANDOMIZE upon execution of setuid
> > binaries.
> > Why? The answer consists of two parts:
> > Firstly, there are valid applications which need an unadulterated memory map.
> > Some of those which do their memory management, like lisp systems (like SBCL).
> > They try to achieve this by setting ADDR_NO_RANDOMIZE and reexecuting themselves.
> this is a ... funny way of achieving this
> if an application for some reason wants some fixed address for a piece
> of memory there are other ways to do that.... (but to some degree all
> apps that can't take randomization broken; for example a glibc upgrade
> on a system will also move the address space around by virtue of being
> bigger or smaller etc etc)
> > . See the excellent, 'Hackers Hut' by Andries Brouwer, which describes
> > how AS randomisation can be got around by the means of linux-gate.so.1
> got a URL to this? If this is exploiting the fact that the vdso is at a
> fixed spot... it's no longer the case since quite a while.
regads, Samium Gromoff