How do we compare ASLR across different Operating Systems?

Address space layout randomization (ASLR) is a computer security technique which involves randomly arranging the positions of key data areas, usually including the base of the executable and position of libraries, heap, and stack, in a process's address space.

This is the description from Wikipedia.

Is it fair to estimate effectiveness of ASLR in two different OS by estimating the "randomness" of the positions of the key data areas?

Are there any other measurable factors by which we can compare ASLR effectiveness? Any tips on how to proceed?

---

I can think of several parameters that ASLR can implement in different degrees.

The variance of address randomization

The spatial "stickiness" of this randomization - how long do the address remain fixed

The temporal "stickiness" of this randomization - in how many objects eg processes does the address stay the same

The performance penalty during exe load

The runtime performance penality

The degree to which it break legacy coding practices (how ever bad they maybe)

It reliance on hardware features (memory protection, virtual memory)

The "wastage" of virtual address space

A requirement for recompilation of kernel or lack there of

A requirement for recompilation of other system support modules

链接地址: http://www.djcxy.com/p/62190.html

上一篇: ASLR和非Windows系统DLL

下一篇: 我们如何比较不同操作系统的ASLR？