===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/34.html,v
retrieving revision 1.13
retrieving revision 1.14
diff -u -r1.13 -r1.14
--- www/34.html	2003/09/04 18:23:19	1.13
+++ www/34.html	2003/09/04 19:15:21	1.14
@@ -79,14 +79,15 @@
 
 <li>Further W^X improvements, including support for the i386 architecture.
     Native i386 binaries have their executable segments rearranged to support
-    isolating code from data.
+    isolating code from data, and the cpu CS limit is used to impose a best
+    effort limit on code execution.
 <p>
 
 <li>ld.so on ELF platforms now loads libraries in a random order for
-    greater resistance to attacks.  The i386 architecture also has libraries
-    mapped at random addresses.  Along with W^X, these changes increase the
-    difficulty of successfully exploiting an application error, such as a
-    buffer overflow.
+    greater resistance to attacks.  The i386 architecture also maps libraries
+    somewhat randomized addresses.  Together with W^X and ProPolice, these
+    changes increase the difficulty of successfully exploiting an application
+    error, such as a buffer overflow.
 <p>
 
 <li>A static bounds checker has been added to the compiler to perform basic
@@ -487,7 +488,7 @@
 alt="OpenBSD"></a>
 <a href="mailto:www@openbsd.org">www@openbsd.org</a>
 <br><small>
-$OpenBSD: 34.html,v 1.13 2003/09/04 18:23:19 david Exp $
+$OpenBSD: 34.html,v 1.14 2003/09/04 19:15:21 deraadt Exp $
 </small>
 
 </body>