Can somebody please point me at a good resource for understanding how exec-shield and memory randomization work?
Specifically, I'm trying to understand the randomize_va_space variable in /proc/sys/kernel/.
Is randomize_va_space independent of /proc/sys/kernel/exec-shield? That is, if I "echo 0 > /proc/sys/kernel/exec-shield", I would have thought that would also turn off memory randomization, but that doesn't seem to be the case. Are things supposed to work that way, or am I goofing something up?
Finally, is there a way to disable randomization on a per-binary basis (with an ELF flag or lack thereof)? I seem have a binary (sbcl) that doesn't like memory randomization. Rather than turn it off globally, I'd rather just mark the binary as incompatible with it.
Thanks,