===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/34.html,v
retrieving revision 1.13
retrieving revision 1.14
diff -c -r1.13 -r1.14
*** www/34.html	2003/09/04 18:23:19	1.13
--- www/34.html	2003/09/04 19:15:21	1.14
***************
*** 79,92 ****
  
  <li>Further W^X improvements, including support for the i386 architecture.
      Native i386 binaries have their executable segments rearranged to support
!     isolating code from data.
  <p>
  
  <li>ld.so on ELF platforms now loads libraries in a random order for
!     greater resistance to attacks.  The i386 architecture also has libraries
!     mapped at random addresses.  Along with W^X, these changes increase the
!     difficulty of successfully exploiting an application error, such as a
!     buffer overflow.
  <p>
  
  <li>A static bounds checker has been added to the compiler to perform basic
--- 79,93 ----
  
  <li>Further W^X improvements, including support for the i386 architecture.
      Native i386 binaries have their executable segments rearranged to support
!     isolating code from data, and the cpu CS limit is used to impose a best
!     effort limit on code execution.
  <p>
  
  <li>ld.so on ELF platforms now loads libraries in a random order for
!     greater resistance to attacks.  The i386 architecture also maps libraries
!     somewhat randomized addresses.  Together with W^X and ProPolice, these
!     changes increase the difficulty of successfully exploiting an application
!     error, such as a buffer overflow.
  <p>
  
  <li>A static bounds checker has been added to the compiler to perform basic
***************
*** 487,493 ****
  alt="OpenBSD"></a>
  <a href="mailto:www@openbsd.org">www@openbsd.org</a>
  <br><small>
! $OpenBSD: 34.html,v 1.13 2003/09/04 18:23:19 david Exp $
  </small>
  
  </body>
--- 488,494 ----
  alt="OpenBSD"></a>
  <a href="mailto:www@openbsd.org">www@openbsd.org</a>
  <br><small>
! $OpenBSD: 34.html,v 1.14 2003/09/04 19:15:21 deraadt Exp $
  </small>
  
  </body>