I would like to disable address space layout randomization (ASLR) on my system (Ubuntu Gnu/Linux 2.6.32-41-server), but, if I use
sysctl -w kernel.randomize_va_space=0
the change would affect all users on the system, I presume. (Is this true?) How can I limit the effects of disabling ASLR to myself as a user only, or only to the shell session in which I invoke the command to disable?
BTW, I see that my system's current (default) setting is
sysctl -w kernel.randomize_va_space=0
Why 2 and not 1 or 3? Where can I find documentation about the numerical values of /proc/sys settings, their ranges, and their meanings? Thanks!
The documentation for the randomize_va_space sysctl setting is in Documentation/sysctl/kernel.txt in the kernel source tree. Basically,
0 - Turn the process address space randomization off.
1 - Make the addresses of mmap base, stack and VDSO page randomized.
2 - Additionally enable heap randomization.
The best way to disable locally the ASLR on a Linux-based system is to use processes personality flags. The command to manipulate personality flags is setarch with
-R,--addr-no-randomizeDisables randomization of the virtual address space (turns on ADDR_NO_RANDOMIZE).
Here is how to proceed:
$> setarch $(uname -m) -R /bin/bash
This command runs a shell in which the ASLR has been disabled. All descendants of this process will inherit of the personality flags of the father and thus have a disabled ASLR. The only way to break the inheritance of the flags would be to call a setuid program (it would be a security breach to support such feature).
Note that the uname -m is here to not hard-code the architecture of your platform and make this command portable.
来源:https://stackoverflow.com/questions/11238457/disable-and-re-enable-address-space-layout-randomization-only-for-myself