Shared Object Load Order Randomization

As we mentioned in our blog article about the Offset2lib attack, we wanted to make our ASLR a little more secure against these types of attacks. One of the ways we can strengthen our ASLR implementation is by randomization the order in which shared objects get loaded when a program starts up. This removes one more piece of determinism and can further frustrate an attacker. We've now implemented it. This feature has been in our nightly builds for the past few days. I've been running it on multiple systems without issue. You can consider this feature as stable and ready for production use.

Tags: