Mandatory ASLR breaks Cygwin - Windows 10

[Brian Inglis]

On 2020-08-25 08:36, Alexandria Cortez wrote:
> On Tuesday, August 25, 2020 10:35 AM, Eliot Moss wrote:>> On Aug 25, 2020, at 10:17 AM, Alexandria Cortez wrote:
>>> I was experimenting with security settings this morning on windows, and
>>> after changing Mandatory ASLR (Windows Security -> App and Browser Control
>>> -> Exploit Protection) to default on, no Cygwin programs that rely on the
>>> Cygwin dll would start, stating that a resource was temporarily unavailable
>>> and could not fork. Rebasell, bash, you name it crashed and would not start.
>>> After some investigation, turning off that setting allows Cygwin to work.
>>>
>>> Now the next question: why does this not work? Is this intended behavior or
>>> a bug? Having that setting turned on seems like a good idea from a security
>>> standpoint, and who knows it  may eventually become default.

>> It’s intentional; too long to explain in detail on phone, but fork
>> requires each dll to load in the child at the same address as in the
>> parent, and ASLR interferes with achieving that.
> Is there any plans to implement a workaround in the future? Seeing as Cygwin 
> is only one of two programs I've noticed that are broken with it on, it
> would be nice to be able to have it on from a security perspective.
Cygwin is an all-volunteer project - Someone Has To Do It!
Feel free to submit patches to support that in Cygwin under Windows.
A low level understanding of details of both is required.

-- 
Take care. Thanks, Brian Inglis, Calgary, Alberta, Canada

This email may be disturbing to some readers as it contains
too much technical detail. Reader discretion is advised.
[Data in IEC units and prefixes, physical quantities in SI.]