Address space layout randomization (ASLR)

QNX SDP8.0QNX OS System Security GuideAPIConfiguration

Address space layout randomization varies the location of data and instructions each time an executable is loaded as long as it was compiled with Position-Independent Executable (PIE) support.

ASLR is built-in to the system and enabled by starting procnto with the -mr option. QNX recommends that you leave it enabled. For information on disabling ASLR, see the procnto entry in the Utilities Reference.

Address space layout randomization is implemented for the following system elements:
  • Executable code — Program segments marked as executable that are loaded by the dynamic loader. The application must be compiled with PIE.

  • Stack — Both the page and the offset within the page are randomized.

  • Heap — The page is randomized.

  • Shared memory — Memory shared among multiple processes is mapped at a different randomized virtual address in each process.

  • libc and dynamic loader — Both the location of libc and the location of the dynamic loader are randomized in the virtual address space of a process. Although shared objects such as libc and the dynamic loader are mapped at random addresses, if the order of loading stays the same, they are mapped at the same address in relation to each other.

  • Command line arguments — The location of command line arguments within the virtual address space of a process is randomized.

Page updated: