| version 1.28, 2017/10/02 19:43:51 |
version 1.29, 2017/10/02 20:47:29 |
|
|
| <a href="https://man.openbsd.org/csh.1">csh(1)</a> and |
<a href="https://man.openbsd.org/csh.1">csh(1)</a> and |
| <a href="https://man.openbsd.org/mail.1">mail(1)</a> |
<a href="https://man.openbsd.org/mail.1">mail(1)</a> |
| were rewritten to cope with the removal. |
were rewritten to cope with the removal. |
| <li><a href="https://www.openbsd.org/innovations.html">New mitigations</a> |
<li>Trapsleds, a new mitigation that significantly reduces the amount of |
| were added, Kernel Address Randomized Link (KARL) and Trapsleds. |
nops in the instruction stream, converting them to traps, eliminating |
| |
many potentially useful gadgets. |
| |
<li>Kernel Address Randomized Link (KARL), a new "link-kit" allows the .o |
| |
files of the kernel to be relinked in a random order, creating a unique |
| |
kernel for each boot. |
| |
<li>Like with libc previously, |
| |
<a href="https://man.openbsd.org/rc.8">rc(8)</a> re-links libcrypto on |
| |
startup, placing the objects in a random order. |
| |
<li>In addition to libcrypto, to deter code reuse exploits, |
| |
<a href="https://man.openbsd.org/rc.8">rc(8)</a> re-links |
| |
<a href="https://man.openbsd.org/ld.so.1">ld.so</a> on |
| |
startup, placing the objects in a random order. |
| </ul> |
</ul> |
| <p> |
<p> |
| |
|
![[BACK]](/icons/back.gif){kind=icon}
Return to 62.html CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / www