version 1.39, 2016/09/14 11:24:03 |
version 1.40, 2016/09/14 15:59:17 |
|
|
just a subset of programs and libraries but rather to all programs |
just a subset of programs and libraries but rather to all programs |
and libraries. |
and libraries. |
Implemented for OpenBSD 6.1 by Philip Guenther in August 2016. |
Implemented for OpenBSD 6.1 by Philip Guenther in August 2016. |
|
<li>Use of fork+exec in privilege separated programs. The strategy is to give |
|
each process a fresh & unique address space for ASLR, stack protector -- as |
|
protection against address space discovery attacks. Implemented first by |
|
Damien Miller (<a href="http://man.openbsd.org/OpenBSD-current/man8/sshd.8">sshd(8)</a> 2004), Claudio Jeker (<a href="http://man.openbsd.org/OpenBSD-current/man8/bgpd.8">bgpd(8)</a>, 2015), Eric Faurot (<a href="http://man.openbsd.org/OpenBSD-current/man8/smtpd.8">smtpd(8)</a>, 2016), |
|
Rafael Zalamena (various, 2016), and others. |
</ul> |
</ul> |
|
|
<h3>Functions</h3> |
<h3>Functions</h3> |