[Eug-lug] EDITOR'S NOTE:
Po Petz
po at ciphermonkeys.org
Thu Aug 5 14:20:43 PDT 2004
On Thu, 5 Aug 2004, Bob Miller wrote:
> Jacob Meuser wrote:
>
> > But then again, using safer functions, W^X, randomized memory allocation
> > and mapping, privilege separation, propolice, etc, minimize the risk
> > of bugs becoming serious security problems. Some of these things are
> > available for Linux, but in OpenBSD they are there by default.
>
> What's W^X?
Shorthand for "Writable or Executable." It's an OpenBSD kernel
enhancement (and loader too, I think) that allows areas of memory to be
marked explicitly with a flag that ensures that parts of memory are not
simultaneously writeable and executable. Good for stopping a class of
attacks on the x86 platform.
The "PaX" project has something similar for Linux.
http://pax.grsecurity.net/docs/
-po
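
An added example, not part of the original message: a small C check that flags memory mappings that are writable and executable at the same time, which is the condition W^X forbids. It assumes the Linux `/proc/<pid>/maps` line format; the sample lines and the function names are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Constructed sample lines in Linux /proc/<pid>/maps format (not from a real process). */
static const char *const SAMPLE_MAPS[] = {
    "00400000-0040c000 r-xp 00000000 08:01 131 /usr/bin/demo",
    "0060b000-0060c000 rw-p 0000b000 08:01 131 /usr/bin/demo",
    "7f1c2a000000-7f1c2a021000 rwxp 00000000 00:00 0",
    "7ffd4b1e0000-7ffd4b201000 rwxp 00000000 00:00 0 [stack]",
    "7ffd4b3f0000-7ffd4b3f2000 r-xp 00000000 00:00 0 [vdso]",
};
#define SAMPLE_COUNT (sizeof SAMPLE_MAPS / sizeof SAMPLE_MAPS[0])

/* Returns 1 if the mapping is both writable and executable,
 * 0 if it respects W^X, and -1 if the line does not parse. */
int violates_wx(const char *line)
{
    unsigned long long start, end;
    char perms[5];

    if (sscanf(line, "%llx-%llx %4s", &start, &end, perms) != 3)
        return -1;
    if (strlen(perms) != 4 || end <= start)
        return -1;
    /* perms is "rwxp"-style: index 1 is write, index 2 is execute. */
    return perms[1] == 'w' && perms[2] == 'x';
}

/* Counts W^X violations in an array of maps lines; malformed lines are skipped. */
int count_wx_violations(const char *const *lines, size_t n, int verbose)
{
    int hits = 0;
    for (size_t i = 0; i < n; i++) {
        if (violates_wx(lines[i]) == 1) {
            hits++;
            if (verbose)
                printf("W+X mapping: %s\n", lines[i]);
        }
    }
    return hits;
}

int main(void)
{
    int hits = count_wx_violations(SAMPLE_MAPS, SAMPLE_COUNT, 1);
    printf("%d mapping(s) violate W^X\n", hits);
    return hits ? 1 : 0;
}
```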