| version 1.39, 2016/09/14 11:24:03 |
version 1.40, 2016/09/14 15:59:17 |
|
|
| just a subset of programs and libraries but rather to all programs |
just a subset of programs and libraries but rather to all programs |
| and libraries. |
and libraries. |
| Implemented for OpenBSD 6.1 by Philip Guenther in August 2016. |
Implemented for OpenBSD 6.1 by Philip Guenther in August 2016. |
| |
<li>Use of fork+exec in privilege separated programs. The strategy is to give |
| |
each process a fresh & unique address space for ASLR, stack protector -- as |
| |
protection against address space discovery attacks. Implemented first by |
| |
Damien Miller (<a href="http://man.openbsd.org/OpenBSD-current/man8/sshd.8">sshd(8)</a> 2004), Claudio Jeker (<a href="http://man.openbsd.org/OpenBSD-current/man8/bgpd.8">bgpd(8)</a>, 2015), Eric Faurot (<a href="http://man.openbsd.org/OpenBSD-current/man8/smtpd.8">smtpd(8)</a>, 2016), |
| |
Rafael Zalamena (various, 2016), and others. |
| </ul> |
</ul> |
| |
|
| <h3>Functions</h3> |
<h3>Functions</h3> |
![[BACK]](/icons/back.gif){kind=icon}
Return to innovations.html CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / www