| version 1.19, 2018/10/01 20:16:14 |
version 1.20, 2018/10/01 20:27:57 |
|
|
| |
|
| <li>Security improvements: |
<li>Security improvements: |
| <ul> |
<ul> |
| |
<li>New <a href="https://man.openbsd.org/unveil.2">unveil(2)</a> |
| |
system call to restrict file system access of the calling |
| |
process to the specified files and directories. It is most |
| |
powerful when properly combined with privilege separation |
| |
and <a href="https://man.openbsd.org/pledge.2">pledge(2)</a>. |
| <li>New "retguard" security mechanism on amd64 and arm64: |
<li>New "retguard" security mechanism on amd64 and arm64: |
| use per-function random cookies to protect access to function |
use per-function random cookies to protect access to function |
| return instructions, making them harder to use in ROP gadgets. |
return instructions, making them harder to use in ROP gadgets. |
![[BACK]](/icons/back.gif){kind=icon}
Return to 64.html CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / www