Postgres Pro
Downloads
Home   >   mailing lists

Thread: ASLR support for Postgres12

ASLR support for Postgres12

From
"Joel Mariadasan (jomariad)"
Date:

Hi All,

 

We found that Postgres12 doesn’t support ASLR. Attached the process explorer screenshot (Process_Explorer_ASLR.png).

 

Analyzing dumpbin headers of postgres looks like the /HIGHENTROPYVA flag set and not the /DYNAMICBASE flag(dumpbin_headers.txt). According to this link, resulting image will not have ASLR enabled.

 

Windows has a feature to force randomization of images (Mandatory ASLR for those images which have not been compiled with /DYNAMICBASE).

Enabling this also didn’t have any effect.

 

The base addresses of postgres in Process Explorer doesn’t change upon restart (Postgres_Imagebase.png).

 

We would like to know if there is a roadmap to enable ASLR support for postgre.

 

Let us know if you need more information.

 

Regards,

Joel

 

 

 

Attachment

Re: ASLR support for Postgres12

From
Tom Lane
Date:
"Joel Mariadasan (jomariad)" <jomariad@cisco.com> writes:
> We would like to know if there is a roadmap to enable ASLR support for postgre.

Not on Windows --- since that OS doesn't support fork(), it's too
difficult to get different child processes to map shared memory
at the same address if ASLR is active.

If that feature is important to you, use a different operating
system.

            regards, tom lane

RE: ASLR support for Postgres12

From
"Joel Mariadasan (jomariad)"
Date:
Thanks Tom for the quick Update.

Can you please point me to a link or give the list of OSes where ASLR is officially supported by Postgres?

Regards,
Joel

-----Original Message-----
From: Tom Lane <tgl@sss.pgh.pa.us>
Sent: Monday, March 23, 2020 8:16 PM
To: Joel Mariadasan (jomariad) <jomariad@cisco.com>
Cc: pgsql-hackers@postgresql.org
Subject: Re: ASLR support for Postgres12

"Joel Mariadasan (jomariad)" <jomariad@cisco.com> writes:
> We would like to know if there is a roadmap to enable ASLR support for postgre.

Not on Windows --- since that OS doesn't support fork(), it's too difficult to get different child processes to map
sharedmemory at the same address if ASLR is active. 

If that feature is important to you, use a different operating system.

            regards, tom lane

Re: ASLR support for Postgres12

From
Tom Lane
Date:
"Joel Mariadasan (jomariad)" <jomariad@cisco.com> writes:
> Can you please point me to a link or give the list of OSes where ASLR is officially supported by Postgres?

Everything except Windows.

            regards, tom lane