Comment by linkregister
9 hours ago
In your software, you set up a new heap for every pthread? I have never encountered this design pattern and would like to learn more.
9 hours ago
> In your software, you set up a new heap for every pthread? I have never encountered this design pattern and would like to learn more.
If the workers weren't forked, the entire process would die to the SIGSEGV, and when it restarted the heap would be at a new address because of ASLR. This exploit couldn't work against a threaded daemon for that reason (only one guess).
In a world where they are forked, having a randomized heap base in each worker would also defeat the brute force approach. Instead of just fork(), it could execve() itself with some arguments that tell it to be a worker and where to find its brain, that would allow ASLR to do it.
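The point made above, that a fork()ed worker inherits the parent's exact heap layout while a worker started by re-executing the binary gets its own ASLR roll, can be checked directly. The following is an added example, not code from either commenter: it spawns a worker both ways and compares the address of a fresh 64-byte heap chunk in the worker with the same allocation in the parent. It assumes Linux with glibc and kernel ASLR enabled (randomize_va_space != 0); the "--worker" flag, the pipe protocol, and the function names are this example's own inventions.

```c
/* Added example (not from the thread): does a worker share the parent's heap
 * addresses?  fork() -> yes (one crash per guess, brute force works);
 * fork()+execv() of ourselves -> no, the new image gets a fresh ASLR layout.
 * Build: cc -o heapaslr heapaslr.c    Run: ./heapaslr                        */
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/types.h>
#include <sys/wait.h>

/* Worker side: allocate a fresh heap chunk and send its address as raw bytes.
 * Uses write(2) only, so a forked child never touches inherited stdio buffers. */
static void report_heap_address(int fd) {
    void *chunk = malloc(64);
    uintptr_t addr = (uintptr_t)chunk;
    if (write(fd, &addr, sizeof addr) != (ssize_t)sizeof addr)
        _exit(2);
    free(chunk);
}

/* Parent side: read the worker's address and compare it with our own fresh
 * malloc(64).  Nothing between fork() and this malloc() allocates, so in the
 * plain-fork case both sides draw the same chunk from identical heap state. */
static int compare_with_parent(int rd, pid_t child) {
    uintptr_t theirs = 0;
    ssize_t n = read(rd, &theirs, sizeof theirs);
    int status;
    waitpid(child, &status, 0);
    if (n != (ssize_t)sizeof theirs)
        return -1;                      /* worker failed to report */
    void *mine = malloc(64);
    uintptr_t ours = (uintptr_t)mine;
    free(mine);
    printf("  parent chunk %#" PRIxPTR ", worker chunk %#" PRIxPTR "\n", ours, theirs);
    return ours == theirs;
}

/* Spawn one worker.  reexec == 0: plain fork() (the daemon design the thread
 * describes).  reexec != 0: fork() then execv() ourselves with "--worker", the
 * fix suggested above, so the worker is a brand-new process image.
 * Returns 1 if the worker's chunk landed at the parent's address, 0 if not,
 * -1 on error.  self_path is only used when reexec != 0 (pass argv[0]). */
int heap_probe(int reexec, const char *self_path) {
    int fds[2];
    if (pipe(fds) != 0)
        return -1;
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        close(fds[0]);
        if (reexec) {
            /* Hand the pipe to the new image as its stdout, then start over. */
            dup2(fds[1], STDOUT_FILENO);
            char *argv[] = { (char *)self_path, (char *)"--worker", NULL };
            execvp(self_path, argv);
            _exit(3);                   /* exec failed */
        }
        report_heap_address(fds[1]);   /* forked worker: same heap as parent */
        _exit(0);
    }
    close(fds[1]);
    int same = compare_with_parent(fds[0], pid);
    close(fds[0]);
    return same;
}

int main(int argc, char **argv) {
    if (argc > 1 && strcmp(argv[1], "--worker") == 0) {
        /* Re-exec'd worker: fresh process, fresh ASLR, report on inherited fd 1. */
        report_heap_address(STDOUT_FILENO);
        return 0;
    }
    printf("fork() worker shares parent heap address: %d\n", heap_probe(0, argv[0]));
    printf("execv() worker shares parent heap address: %d\n", heap_probe(1, argv[0]));
    return 0;
}
```

With ASLR enabled the first probe reports 1 on every run and the second reports 0, which is exactly why a parent that only fork()s lets an attacker spend one crashed worker per address guess, while a parent that re-executes itself for each worker forces a new guess space every time. The fork-case result does not depend on ASLR at all, since the child is a copy of the parent's address space; only the exec case benefits from randomization.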