version 1.277, 2004/03/17 22:22:05 |
version 1.278, 2004/03/24 07:36:29 |
|
|
</table> |
</table> |
<hr> |
<hr> |
|
|
<dl> |
<ul> |
<a name=goals></a> |
<a name=goals></a> |
<li><h3><font color=#e00000>Goal</font></h3><p> |
<li><h3><font color=#e00000>Goal</font></h3><p> |
|
|
|
|
from full exploitability of complex step-by-step attacks because we |
from full exploitability of complex step-by-step attacks because we |
had fixed one of the intermediate steps. An example of where we |
had fixed one of the intermediate steps. An example of where we |
managed such a success is the lpd advisory that Secure Networks put out. |
managed such a success is the lpd advisory that Secure Networks put out. |
|
<p> |
|
|
|
<a name=newtech></a> |
|
<li><h3><font color=#e00000>New Technologies</font></h3><p> |
|
|
|
As we audit source code, we often invent new ways of solving problems. |
|
Sometimes these ideas have been used before in some random application |
|
written somewhere, but perhaps not taken to the degree that we do. |
|
<p> |
|
|
|
<ul> |
|
<li>strlcpy() and strlcat() |
|
<li>Memory protection purify |
|
<ul> |
|
<li>W^X |
|
<li>.rodata segment |
|
<li>Guard pages |
|
<li>Randomized malloc() |
|
<li>Randomized mmap() |
|
<li>atexit() and stdio protection |
|
</ul> |
|
<li>Privilege seperation |
|
<li>Privilege revocation |
|
<li>Chroot jailing |
|
<li>New uids |
|
<li>ProPolice |
|
<li>... and others |
|
</ul> |
<p> |
<p> |
|
|
<li><h3><font color=#e00000>The Reward</font></h3><p> |
<li><h3><font color=#e00000>The Reward</font></h3><p> |