mesos-reviews mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Aaron Wood <aaron.w...@verizon.com>
Subject Re: Review Request 52645: Harden Mesos
Date Mon, 10 Oct 2016 15:40:39 GMT


On Oct. 7, 2016, 10:15 p.m., Aaron Wood wrote:
> > (1) Do we need to make the `CXXFLAGS` conditional on being supported by the current
compiler? Seems like these flags are quite specific to (certain versions of?) gcc/clang.
> > 
> > (2) You should split this review into three separate reviews: a single review should
make changes to at most one of Mesos, libprocess, and stout.
> > 
> > (3) What _specific_ attack vectors are these changes intended to prevent?

1. I believe the only flag that we need to watch out for with compatability is the `-fstack-protector-strong`.
Since Mesos currently requires GCC >= 4.8.1 I think we should be good with the rest. Since
`-fstack-protector-strong` is supported in GCC >= 4.9 I propose that we require at least
this version.
2. Will do that right now :)
3. Overall the changes here should help prevent buffer overflows, stack overflows, and general
memory corruption attacks. Having position independent code/binaries will also better take
advantage of address space layout randomization which makes it much harder to successfully
perform exploits. This should ideally give us better protection from zero days as well.


- Aaron


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/52645/#review151886
-----------------------------------------------------------


On Oct. 7, 2016, 7:22 p.m., Aaron Wood wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/52645/
> -----------------------------------------------------------
> 
> (Updated Oct. 7, 2016, 7:22 p.m.)
> 
> 
> Review request for mesos and Michael Park.
> 
> 
> Bugs: MESOS-6229
>     https://issues.apache.org/jira/browse/MESOS-6229
> 
> 
> Repository: mesos
> 
> 
> Description
> -------
> 
> Use a default set of flags to provide additional security and hardening to Mesos. Additionally,
check and catch more warnings/errors.
> 
> 
> Diffs
> -----
> 
>   3rdparty/libprocess/Makefile.am 020b0e1 
>   3rdparty/stout/Makefile.am fda069d 
>   src/Makefile.am bfdb66a 
> 
> Diff: https://reviews.apache.org/r/52645/diff/
> 
> 
> Testing
> -------
> 
> Compared the benchmarks with and without the flags being used. Also did a comparsion
with the flags being used with and without optimizations and without the flags being used
with and without optimizations. Overall the performance hit was very small with a 3-8% overhead
(optimizations brings this down slightly). Most benchmarks were about 5% (or less) slower.
> 
> 
> Thanks,
> 
> Aaron Wood
> 
>


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message