> It is perfectly good enough for the error code enumeration to be statically randomized into hard coded constants.
A comment points out that they aren't randomized:
> The values used were chosen such that it takes a large number of bit flips to change from allowed to denied. Using random values doesn't really protect against this attack.
> gcc -DRND1=0x$(openssl rand -hex 4) ...
That would cause grief to reproducible distro initiatives.
It is perfectly good enough for the error code enumeration to be statically randomized into hard coded constants. The attacker is very unlikely to flip every single bit of one valid value so that it resembles another valid value.
Even if the values were randomized at compile time, if the executable is readable to the attacker, the attacker can learn what those values are.
If the executable is not readable to the attacker, the attacker can just pull a copy of the executable from the distro package: executables are installed from widely used binary packages, not freshly compiled for every system.
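The two points made in this thread, that the codes can be static hard-coded constants and that what matters is how many bit flips separate one valid code from another, can be checked mechanically. The following is an added example, not code from the thread or from the project under discussion: the helper names, the seed, the distance threshold of 12 and the comparison set are all assumptions made for illustration. It derives constants from a fixed seed, so every build gets the same values, and measures the minimum pairwise Hamming distance.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Bit flips needed to turn code a into code b. */
static unsigned hamming32(uint32_t a, uint32_t b) {
    unsigned n = 0;
    for (uint32_t x = a ^ b; x; x &= x - 1) n++;
    return n;
}

/* Cheapest flip count that turns any one valid code into another. */
static unsigned min_pairwise(const uint32_t *v, size_t n) {
    unsigned best = 32;
    for (size_t i = 0; i < n; i++)
        for (size_t j = i + 1; j < n; j++)
            if (hamming32(v[i], v[j]) < best) best = hamming32(v[i], v[j]);
    return best;
}

/* Fixed-seed xorshift32 (seed must be nonzero): same constants on every build. */
static uint32_t xorshift32(uint32_t *s) {
    *s ^= *s << 13; *s ^= *s >> 17; *s ^= *s << 5;
    return *s;
}

/* Fill out[0..n) with codes at pairwise distance >= min_dist.
 * Returns the number of candidates tried, or 0 if the budget ran out. */
static size_t pick_codes(uint32_t *out, size_t n, unsigned min_dist, uint32_t seed) {
    size_t have = 0, tries = 0;
    while (have < n && tries < 100000) {
        uint32_t c = xorshift32(&seed);
        size_t i = 0;
        tries++;
        while (i < have && hamming32(c, out[i]) >= min_dist) i++;
        if (i == have) out[have++] = c;   /* far enough from every accepted code */
    }
    return have == n ? tries : 0;
}

int main(void) {
    const uint32_t naive[] = {0u, 1u, 0xFFFFFFFFu}; /* constructed comparison set */
    uint32_t codes[4];
    printf("naive min distance: %u\n", min_pairwise(naive, 3));
    if (!pick_codes(codes, 4, 12, 0x2545F491u)) return 1;
    for (size_t i = 0; i < 4; i++) printf("#define CODE_%zu 0x%08Xu\n", i, (unsigned)codes[i]);
    printf("picked min distance: %u\n", min_pairwise(codes, 4));
    return 0;
}
```

The printed `#define` lines are meant to be pasted into a header once; nothing is generated at build time, so the binary stays reproducible.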