
SROP Mitigation - ashitlerferad
https://rashmica.co.nz/2016/04/29/srop-mitigation/
======
gbrown_
Mitigations have also been recently committed into OpenBSD.

[https://marc.info/?l=openbsd-
tech&m=146281531025185&w=2](https://marc.info/?l=openbsd-
tech&m=146281531025185&w=2)

~~~
anjbe
And Sortix:

[https://gitlab.com/sortix/sortix/commit/2e03bd94d311781d5a47...](https://gitlab.com/sortix/sortix/commit/2e03bd94d311781d5a47c7e95049b42da5651b33)

------
koolba
In what situation would a rogue process be able to perform this exploit and
not already be compromised?

~~~
tptacek
[http://lwn.net/Articles/676803/](http://lwn.net/Articles/676803/)

~~~
koolba
So would this be a way to circumvent W^X? I'm still not understanding what
situation is made more vulnerable from this that isn't already entirely
compromised.

~~~
tptacek
ROP is, in general, a way of circumventing W^X and ASLR. SROP makes ROP
easier.

