Enable chromium ASLR features for Windows content

Status: NEW
Assignee: Unassigned
Priority: P2
Severity: normal
Opened: 2 years ago
Updated: 3 months ago
Reporter: jimm
Version: Trunk
Hardware: All
OS: Windows
Whiteboard: sb+

(Reporter)

Description

2 years ago
Mitigation flags:

MITIGATION_BOTTOM_UP_ASLR - random lower bound as the minimum user address
MITIGATION_RELOCATE_IMAGE - Forces ASLR on all images
MITIGATION_HIGH_ENTROPY_ASLR - increased randomness range for bottom-up ASLR
MITIGATION_RELOCATE_IMAGE_REQUIRED - refuse to load dlls that can't be relocated

I don't see issues with any of these for content.

Note, Tom filed this bug on MITIGATION_BOTTOM_UP_ASLR - 
https://bugs.chromium.org/p/chromium/issues/detail?id=727708
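
As an added example (not code from this bug or from the Firefox or Chromium sandbox), the following Python reads a DLL's PE headers and reports the properties the flags above depend on: whether the image opts in to ASLR, whether it declares high-entropy support, and whether its relocations were stripped, which is the case MITIGATION_RELOCATE_IMAGE_REQUIRED is described as refusing. The function names `aslr_report` and `build_sample` and the sample header bytes are constructed for illustration; the constants come from the Microsoft PE format specification.

```python
import struct

# Constants from the Microsoft PE/COFF specification.
IMAGE_FILE_RELOCS_STRIPPED = 0x0001                # COFF Characteristics bit
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA = 0x0020
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE = 0x0040
DLLCHARACTERISTICS_OFFSET = 70                     # same offset in PE32 and PE32+


def aslr_report(image: bytes) -> dict:
    """Summarise how a PE image relates to the ASLR flags listed in this bug."""
    if len(image) < 0x40 or image[:2] != b"MZ":
        raise ValueError("not a PE image: missing MZ header")
    (pe_off,) = struct.unpack_from("<I", image, 0x3C)
    if len(image) < pe_off + 24 or image[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("not a PE image: missing PE signature")
    # SizeOfOptionalHeader and Characteristics close the 20-byte COFF header.
    opt_size, characteristics = struct.unpack_from("<HH", image, pe_off + 20)
    opt_off = pe_off + 24
    if opt_size < DLLCHARACTERISTICS_OFFSET + 2 or len(image) < opt_off + opt_size:
        raise ValueError("truncated optional header")
    (magic,) = struct.unpack_from("<H", image, opt_off)
    if magic not in (0x10B, 0x20B):
        raise ValueError("unknown optional header magic")
    (dll_chars,) = struct.unpack_from("<H", image, opt_off + DLLCHARACTERISTICS_OFFSET)
    relocatable = not characteristics & IMAGE_FILE_RELOCS_STRIPPED
    return {
        "pe32_plus": magic == 0x20B,
        "dynamic_base": bool(dll_chars & IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE),
        "high_entropy_va": bool(dll_chars & IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA),
        "relocatable": relocatable,
        # Per the flag description: DLLs that can't be relocated are refused.
        "blocked_by_relocate_image_required": not relocatable,
    }


def build_sample(characteristics: int, dll_chars: int, magic: int = 0x20B) -> bytes:
    """Constructed header-only image for demonstration (not a loadable DLL)."""
    opt = bytearray(112 if magic == 0x20B else 96)
    struct.pack_into("<H", opt, 0, magic)
    struct.pack_into("<H", opt, DLLCHARACTERISTICS_OFFSET, dll_chars)
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)        # e_lfanew -> PE signature
    coff = struct.pack("<HHIIIHH", 0x8664, 0, 0, 0, 0, len(opt), characteristics)
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt)


if __name__ == "__main__":
    print(aslr_report(build_sample(0x2022, 0x0160)))          # ASLR-aware DLL
    print(aslr_report(build_sample(0x2103, 0x0000, 0x10B)))   # relocs stripped
```

Running `aslr_report` over the bytes of each DLL that loads into the content process gives a list of modules that would stop loading once the stricter flag is on.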
(Reporter)

Updated

a year ago
OS: Unspecified → Windows
Priority: -- → P2
Hardware: Unspecified → All
(Reporter)

Updated

11 months ago
Assignee: jmathies → nobody
(Reporter)

Comment 2

11 months ago
Hey David, let's take a look at these and see if we can knock any of these out (or close this bug as invalid). Some of these ASLR settings kick in by default. The current sandbox feature comparison spreadsheet has notes about this on individual flags.
Flags: needinfo?(davidp99)
(Reporter)

Updated

3 months ago
Flags: needinfo?(davidp99)