1. 22
    1. 8

      By comparison, using ptrace to modify unwritable pages in HardenedBSD is disallowed by default due to our PaX NOEXEC implementation. FreeBSD/HardenedBSD doesn’t use procfs and is generally left umounted. procfs’ /proc/pid/mem on HardenedBSD is a fancy wrapper for ptrace.

      We’ve applied extra hardening to procfs to mitigate malicious use of procfs, like this exploit did.

    2. 4

      This post helped me understand a technique I was having a tough time explaining to a client a couple months back. Next time this comes up I’ll be better prepared! Thank you for posting this.