Hardened malloc: Difference between revisions

Latest revision as of 01:05, 22 January 2025

What is it?

An excerpt on github [1]:

This is a security-focused general purpose memory allocator providing the malloc API along with various extensions. It provides substantial hardening against heap corruption vulnerabilities.

How to use

Note: Need Alpine Linux Edge with testing repo in /etc/apk/repositories

$ doas apk add hardened-malloc

Then you can set LD_PRELOAD="/usr/lib/libhardened_malloc.so" while launching individual applications or before your window manager starts if you prefer. For a more global setting placing the LD_PRELOAD reference into /etc/profile or /etc/profile.d/ might help, as well as /etc/environment for PAM-based systems.

External sources

Hardened malloc github

https://github.com/GrapheneOS/hardened_malloc [1]

@@ Line 5: / Line 5: @@
 === How to use ===
-{{note| Need Alpine Linux Edge with testing repo in <code>/etc/apk/repositories</code>}}
+{{note| Need Alpine Linux Edge with testing repo in {{path|/etc/apk/repositories}}}}
-{{cmd| $ doas apk add hardened-malloc}}
+{{cmd| $ doas apk add {{pkg|hardened-malloc|arch=}}}}
-{{cmd| $ doas echo /usr/lib/libhardened_malloc.so > /etc/ld.so.preload}}
+Then you can set <code>LD_PRELOAD="/usr/lib/libhardened_malloc.so"</code> while launching individual applications or before your window manager starts if you prefer.  For a more global setting placing the LD_PRELOAD reference into {{path|/etc/profile}} or {{path|/etc/profile.d/}} might help, as well as {{path|/etc/environment}} for PAM-based systems.
+=== External sources ===
+Hardened malloc github
+* [https://github.com/GrapheneOS/hardened_malloc https://github.com/GrapheneOS/hardened_malloc] [1]
+[[Category:Security]]