[CentOS-devel] Need info about kernel file "randomize_va_space"

Fri Jun 28 12:06:28 UTC 2019
Jonathan Billings <billings at negate.org>

On Fri, Jun 28, 2019 at 10:25:52AM +0000, Maheshwari, Shagun wrote:
> Because While running dASLR tool, "randomize_va_space
> unconfigurable" test in "Kernel Check" is FAILED.  
> 
> As per support for dASLR tool, "randomize_va_space_unconfigurable"
> fail means that "/proc/sys/kernel/randomize_va_space" has write
> permission. 

There's something wrong with that test if it's forcing you to make a
normally writable sysctl read-only via kernel patch.

One would expect a sysctl like /proc/sys/kernel/randomize_va_space to
be writable by root.  Changing that would confuse a lot of people.

I can't find any documentation for this tool, only broken links on the
web.  Perhaps it has been fixed to make more sense?

-- 
Jonathan Billings <billings at negate.org>