version 1.5, 2003/03/25 23:02:11 |
version 1.6, 2003/03/25 23:19:19 |
|
|
enabled by default. |
enabled by default. |
<p> |
<p> |
|
|
<li>W^X (pronounced: "W or X") binaries on ELF architectures. This is |
<li>W^X (pronounced: "W xor X") binaries on ELF architectures. This is |
a fine-grained memory permissions layout, ensuring that memory which can be |
a fine-grained memory permissions layout, ensuring that memory which can be |
written to by application programs can not be executable at the same time. |
written to by application programs can not be executable at the same time |
This raises the bar on potential buffer overflows and other attacks. |
and vice versa. This raises the bar on potential buffer overflows and other |
|
attacks. |
<p> |
<p> |
|
|
<li>Still more reduction in setuid and setgid binaries, and more chroot |
<li>Still more reduction in setuid and setgid binaries, and more chroot |