DEP / ASLR on Windows x86 binaries

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

DEP / ASLR on Windows x86 binaries

yi-jing chou
Hi, 

I find the wrapper.exe and wrapper.dll for Windows x86 doesn't enable DEP(Data Execution Prevention) and ASLR(Address space layout randomization).
It is a security risk and some malicious code can attack the program if it doesn't enable DEP / ASLR.

Do you have plan to enhance it?


Thank you
Gino Chou


DEP / ASLR on Windows x86 binaries

------------------------------------------------------------------------------
Developer Access Program for Intel Xeon Phi Processors
Access to Intel Xeon Phi processor-based developer platforms.
With one year of Intel Parallel Studio XE.
Training and support from Colfax.
Order your platform today. http://sdm.link/xeonphi
_______________________________________________
Wrapper-user mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/wrapper-user
Reply | Threaded
Open this post in threaded view
|

Re: DEP / ASLR on Windows x86 binaries

Maxime
Hello

Thank you for your email.

The Wrapper is indeed not compiled with the ASLR and DEP/NX compile flags in its current version.
We will investigate about the possible implications this may have on the different platforms we support, and consider adding these protections on a future release.

Best Regards,

Maxime


On Wed, Jan 11, 2017 at 4:08 PM, yi-jing chou <[hidden email]> wrote:
Hi, 

I find the wrapper.exe and wrapper.dll for Windows x86 doesn't enable DEP(Data Execution Prevention) and ASLR(Address space layout randomization).
It is a security risk and some malicious code can attack the program if it doesn't enable DEP / ASLR.

Do you have plan to enhance it?


Thank you
Gino Chou


DEP / ASLR on Windows x86 binaries

------------------------------------------------------------------------------
Developer Access Program for Intel Xeon Phi Processors
Access to Intel Xeon Phi processor-based developer platforms.
With one year of Intel Parallel Studio XE.
Training and support from Colfax.
Order your platform today. http://sdm.link/xeonphi
_______________________________________________
Wrapper-user mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/wrapper-user



------------------------------------------------------------------------------
Developer Access Program for Intel Xeon Phi Processors
Access to Intel Xeon Phi processor-based developer platforms.
With one year of Intel Parallel Studio XE.
Training and support from Colfax.
Order your platform today. http://sdm.link/xeonphi
_______________________________________________
Wrapper-user mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/wrapper-user
Reply | Threaded
Open this post in threaded view
|

Re: DEP / ASLR on Windows x86 binaries

yi-jing chou
Hi Maxime,

Thanks for your response.

Do you have any schedule to release the build to enable ASLR and DEP/NX?

For ASLR and DEP/NX in Windows x86, add "/NXCOMPAT" and "/DYNAMICBASE" into compile options can enable them.
I understand your consideration about to support different platforms, but for Windows x86 that is simple to add the compile options.
Could you please consider to release the build which ASLR and DEP/NX are enabled for Windows x86 first?

Thanks.

Best regards,
Gino

2017-01-12 16:59 GMT+08:00 Maxime <[hidden email]>:
Hello

Thank you for your email.

The Wrapper is indeed not compiled with the ASLR and DEP/NX compile flags in its current version.
We will investigate about the possible implications this may have on the different platforms we support, and consider adding these protections on a future release.

Best Regards,

Maxime


On Wed, Jan 11, 2017 at 4:08 PM, yi-jing chou <[hidden email]> wrote:
Hi, 

I find the wrapper.exe and wrapper.dll for Windows x86 doesn't enable DEP(Data Execution Prevention) and ASLR(Address space layout randomization).
It is a security risk and some malicious code can attack the program if it doesn't enable DEP / ASLR.

Do you have plan to enhance it?


Thank you
Gino Chou


DEP / ASLR on Windows x86 binaries

------------------------------------------------------------------------------
Developer Access Program for Intel Xeon Phi Processors
Access to Intel Xeon Phi processor-based developer platforms.
With one year of Intel Parallel Studio XE.
Training and support from Colfax.
Order your platform today. http://sdm.link/xeonphi
_______________________________________________
Wrapper-user mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/wrapper-user



------------------------------------------------------------------------------
Developer Access Program for Intel Xeon Phi Processors
Access to Intel Xeon Phi processor-based developer platforms.
With one year of Intel Parallel Studio XE.
Training and support from Colfax.
Order your platform today. http://sdm.link/xeonphi
_______________________________________________
Wrapper-user mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/wrapper-user



------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
_______________________________________________
Wrapper-user mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/wrapper-user
Reply | Threaded
Open this post in threaded view
|

Re: DEP / ASLR on Windows x86 binaries

Maxime
Hello

A few months ago, you pointed out that the Wrapper doesn't specify it is DEP & ASLR compatible.
The version 3.5.33 of the Wrapper has just been released and enables both DEP & ASLR for Windows. Note that DEP is enabled through a dynamic call to SetProcessDEPPolicy of the NX API. This was done to enable DEP on Windows XP SP3 as well. ASLR is specified via the '/DYNAMICBASE' link option.

There is no change regarding DEP  when using the 64-bit version of the Wrapper because Windows automatically enables DEP for 64-bit processes.

You may have a look at the release notes for a full list of changes made in 3.5.33:

Please let me know if you have any questions.

Best Regards,

Maxime

2017-02-23 12:54 GMT+09:00 yi-jing chou <[hidden email]>:
Hi Maxime,

Thanks for your response.

Do you have any schedule to release the build to enable ASLR and DEP/NX?

For ASLR and DEP/NX in Windows x86, add "/NXCOMPAT" and "/DYNAMICBASE" into compile options can enable them.
I understand your consideration about to support different platforms, but for Windows x86 that is simple to add the compile options.
Could you please consider to release the build which ASLR and DEP/NX are enabled for Windows x86 first?

Thanks.

Best regards,
Gino

2017-01-12 16:59 GMT+08:00 Maxime <[hidden email]>:
Hello

Thank you for your email.

The Wrapper is indeed not compiled with the ASLR and DEP/NX compile flags in its current version.
We will investigate about the possible implications this may have on the different platforms we support, and consider adding these protections on a future release.

Best Regards,

Maxime


On Wed, Jan 11, 2017 at 4:08 PM, yi-jing chou <[hidden email]> wrote:
Hi, 

I find the wrapper.exe and wrapper.dll for Windows x86 doesn't enable DEP(Data Execution Prevention) and ASLR(Address space layout randomization).
It is a security risk and some malicious code can attack the program if it doesn't enable DEP / ASLR.

Do you have plan to enhance it?


Thank you
Gino Chou


DEP / ASLR on Windows x86 binaries

------------------------------------------------------------------------------
Developer Access Program for Intel Xeon Phi Processors
Access to Intel Xeon Phi processor-based developer platforms.
With one year of Intel Parallel Studio XE.
Training and support from Colfax.
Order your platform today. http://sdm.link/xeonphi
_______________________________________________
Wrapper-user mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/wrapper-user



------------------------------------------------------------------------------
Developer Access Program for Intel Xeon Phi Processors
Access to Intel Xeon Phi processor-based developer platforms.
With one year of Intel Parallel Studio XE.
Training and support from Colfax.
Order your platform today. http://sdm.link/xeonphi
_______________________________________________
Wrapper-user mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/wrapper-user



------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
_______________________________________________
Wrapper-user mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/wrapper-user



------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Wrapper-user mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/wrapper-user