Weak Default Configuration for uksp and ukswrand

[lrapp-x41-pub]

From a security perspective, the default configuration for uksp and ukswrand is not the most secure one.

uksp:

• Default "Stack protector level" is STACKPROTECTOR_REGULAR instead of STACKPROTECTOR_ALL
• Default "Canary Value" is LIBUKSP_VALUE_USECONSTANT instead of LIBUKSP_VALUE_RANDOM

ukswrand:

• Default "Initial seed" is LIBUKSWRAND_INITIALSEED_TIME instead of LIBUKSWRAND_INITIALSEED_RDRAND

The default configuration leads to known or predictable canary values.
An attacker might be able to use this knowledge to embed the known canary value at the correct place in the exploit string and overwrite the canary with the correct value to circumvent stack smashing protection that way.
As many users might use the default configuration, it should be considered to choose the most secure option as default configuration.

[razvand]

@lrapp-x41-pub, since we are already (viciously) using the Unikraft Discord server for discussions, meetings, brainstorming and jokes (mostly bad, we do what we can), we will close the Discussions tab. We will do this on Friday, March 31, 2023.

Please move any discussions or questions on the Unikraft Discord server. See you all there! 🤝