
Diff for /www/innovations.html between version 1.35 and 1.36

version 1.35, 2016/08/15 02:22:07 version 1.36, 2016/09/14 06:32:57
Line 383 
Line 383 
   violate it if the executable is marked with <tt>PT_OPENBSD_WXNEEDED</tt>    violate it if the executable is marked with <tt>PT_OPENBSD_WXNEEDED</tt>
   and it is located on a filesystem mounted with the <tt>wxallowed</tt>    and it is located on a filesystem mounted with the <tt>wxallowed</tt>
   <a href="http://man.openbsd.org/mount.8">mount(8)</a> option.    <a href="http://man.openbsd.org/mount.8">mount(8)</a> option.
   <li>GOT and PLT protection by ld.so: first done as part of the W^X
     work in OpenBSD 3.3, by Dale Rahn and Theo de Raadt.
     The GOT and PLT regions are read-only outside of ld.so itself.
     Extended to the .init/.fini sections (constructors and destructors)
     in OpenBSD 3.4.
 <li>ASLR: OpenBSD 3.4 was the first widely used operating system to  <li>ASLR: OpenBSD 3.4 was the first widely used operating system to
   provide it by default.    provide it by default.
 <li><a href="http://man.openbsd.org/OpenBSD-current/man1/gcc-local.1">gcc-local(1)</a>  <li><a href="http://man.openbsd.org/OpenBSD-current/man1/gcc-local.1">gcc-local(1)</a>
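Review bot: In the new GOT/PLT entry, the sentence "The GOT and PLT regions are read-only outside of ld.so itself" leaves open what ld.so does with them. If the meaning is that ld.so makes these regions writable only while it updates them, say so directly. The entry also carries no link, unlike the neighbouring entries that point at mount(8) and gcc-local(1); a link to the relevant manual page would match the rest of the list.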
Line 409 
Line 414 
   <tt>libc.so</tt> on startup, placing the objects in a random order.    <tt>libc.so</tt> on startup, placing the objects in a random order.
   Theo de Raadt and Robert Peichaer, May 2016,    Theo de Raadt and Robert Peichaer, May 2016,
   enabled by default since OpenBSD 6.0.    enabled by default since OpenBSD 6.0.
   <li>Kernel-assisted lazy binding for W^X safety in multi-threaded programs.
     A new syscall <a href="http://man.openbsd.org/kbind.2">kbind(2)</a>
     permits lazy-binding to be W^X safe in multi-threaded programs.
     Implemented for OpenBSD 5.9 by Philip Guenther in July 2015.
   <li>Process layouts in memory tightened to remove execute permission from
     all separate, non-instruction data and to remove write permission from
     data that is only modified during loading and relocation.
     By combining the RELRO (Read-Only after Relocation) design by the
     GNU project with the original ASLR work from OpenBSD 3.3 and
     strict lazy-binding work from OpenBSD 5.9, this is applied to not
     just a subset of programs and libraries but rather to all programs
     and libraries.
     Implemented for OpenBSD 6.1 by Philip Guenther in August 2016.
 </ul>  </ul>
   
 <h3>Functions</h3>  <h3>Functions</h3>
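Review bot: The RELRO entry cites "the original ASLR work from OpenBSD 3.3", but the ASLR entry on this same page says OpenBSD 3.4 was the first to provide it by default, and the new GOT/PLT entry ties 3.3 to the W^X work. Please reconcile the release number, or name W^X if that is what was meant. In the kbind(2) entry the second sentence repeats the item's first line almost word for word, and the text mixes "lazy binding" with "lazy-binding"; drop the repetition and settle on one spelling.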
