How to Disable ASLR and Why you Should do it

You may also like...

10 Responses

  1. Michael Stack says:

    The comment is key – you want future admins to know why something was done and the potential impact of changing it. Nice article.

  2. Tony Anzalone says:

    I have seen the DIA8555C message appear in db2diag.log after the completion of a RESTORE.
    The RESTORE is in a shell script and includes WITH PROMPTING and is followed by the required ROLLFOWARD. The script stops dead after the successful RESTORE without indicating any errors . Is it possible that ASLR is the cause of this?
    PS All commands run succesfully from command prompt. DB2 V9.7.2 Linux Redhat

  3. WhizzMan says:

    ASLR has a function and quite an important one. It’s not the end-all security solution to end all hacking attempts ever, but it’s an important part of making it harder for hackers to gain access to systems.

    If you get problems like this, please update to the latest versions of your Linux distributions and DB2. If the problem persists, file a support call at IBM, describing them that they probably suffer from a bug in their software that makes it impossible to work reliably with ASLR enabled. Since most Government facilities require ASLR to be enabled, IBM can’t afford this to happen and they should be more than willing to fix this bug.

    Don’t fight symptoms, but fix buggy software. Don’t let DBAs make security or SA decisions, but let them escalate this to a place where they can properly solve the problem, not mask the cause.

  4. paul says:

    Hi Ember,

    But default this ASLR is enabled in new Linux distribution.

    Any command to check the same

    Thanks
    Paul

    • Ember Crooks says:

      As long as you’re at 10.1 Fixpack 3 or later (any 10.5, I think), then you do’t need to check it.

  5. gopi krishna says:

    I tried to install db2V9.7fp10 & db2V9.7fp11 & db2V10.5fp4 versions but ASLR is restricted to installation on default path /opt/IBM/db2v9.7. Please help here how can I disable this ASLR permanently. I am using redhat Linux 6.4-x86_64-dvd.iso file through VMware.

  1. January 5, 2016

    […] How to Disable ASLR and Why you Should do it […]

Leave a Reply

Your email address will not be published. Required fields are marked *