Marco Gisbert, Hector (Recipient) & Ripoll, Ismael (Recipient)
Prize: National/international honour
Description
Google rewarded us for removing the possibility to disable the ASLR in the Linux kernel for 32-bit apps.
Any user, able to run 32-bit applications in a x86 machine, could disable the ASLR by setting the RLIMIT_STACK resource to unlimited. Which was a problem when executing privileged application (i.e. setuid/setgid executables).
Now, the ASLR can no longer be disabled.