Unlimiting the stack no longer disables ASLR

  • Marco Gisbert, Hector (Recipient) & Ripoll, Ismael (Recipient)

Prize: National/international honour


Google rewarded us for removing the possibility of disabling ASLR in the Linux kernel for 32-bit apps. Any user able to run 32-bit applications on an x86 machine could disable ASLR by setting the RLIMIT_STACK resource to unlimited, which was a problem when executing privileged applications (i.e. setuid/setgid executables). Now, ASLR can no longer be disabled.

Granting Organisations: Google Inc.


  • Cybersecurity
  • ASLR
  • Linux