| version 1.25, 2003/04/03 14:41:12 |
version 1.26, 2003/04/19 08:13:26 |
|
|
| <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> |
p<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> |
| <html> |
<html> |
| <head> |
<head> |
| <title>OpenBSD 3.3 Release</title> |
<title>OpenBSD 3.3 Release</title> |
|
|
| <ul> |
<ul> |
| <li>Integration of the |
<li>Integration of the |
| <a href="http://www.trl.ibm.com/projects/security/ssp">ProPolice</a> |
<a href="http://www.trl.ibm.com/projects/security/ssp">ProPolice</a> |
| stack protection technology into the system compiler. This protection is |
stack protection technology, by Hiroaki Etoh, into the system |
| enabled by default. With this change, function prologues are modified |
compiler. This protection is enabled by default. With this change, |
| to rearrange the stack: a random canary is placed before the return |
function prologues are modified to rearrange the stack: a random |
| address, and buffer variables are moved closer to the canary so that |
canary is placed before the return address, and buffer variables are |
| regular variables are below, and harder to smash. The function |
moved closer to the canary so that regular variables are below, and |
| epilogue then checks if the canary is still intact. If it is not, |
harder to smash. The function epilogue then checks if the canary is |
| the process is terminated. This change makes it very hard for an |
still intact. If it is not, the process is terminated. This change |
| attacker to modify the return address used when returning from a |
makes it very hard for an attacker to modify the return address used |
| function. |
when returning from a function. |
| <p> |
<p> |
| |
|
| <li>W^X (pronounced: "W xor X") on architectures capable of |
<li>W^X (pronounced: "W xor X") on architectures capable of |
|
|
| executable at the same time and vice versa. This raises the bar on |
executable at the same time and vice versa. This raises the bar on |
| potential buffer overflows and other attacks: as a result, an attacker |
potential buffer overflows and other attacks: as a result, an attacker |
| is unable to write code anywhere in memory where it can be executed. |
is unable to write code anywhere in memory where it can be executed. |
| (NOTE: i386 and powerpc do not support W^X in 3.3; however, 3.4 will |
(NOTE: i386 and powerpc do not support W^X in 3.3; however, 3.3-current |
| make this change on those architectures as well). |
already supports it on i386, and both these processors are expected to |
| |
support this change in 3.4). |
| <p> |
<p> |
| |
|
| <li>Still more reduction in setuid and setgid binaries, and more chroot |
<li>Still more reduction in setuid and setgid binaries, and more chroot |
![[BACK]](/icons/back.gif){kind=icon}
Return to 33.html CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / www