Linked by Dareka on Fri 19th Apr 2013 10:40 UTC
BeOS & Derivatives "Starting with hrev45522, address space layout randomization (ASLR) and data execution prevention (DEP) are available in Haiku. These two features, which have actually become a standard in any modern OS, make it much harder to exploit any vulnerability that may be present in an application running on Haiku, thus generally improving system security."
Permalink for comment 559441
To read all comments associated with this story, please click here.
RE[2]: Funny
by Alfman on Mon 22nd Apr 2013 09:50 UTC in reply to "RE: Funny"
Alfman
Member since:
2011-01-28

WereCatf,


"Problem one, right there: all applications get their own, private address mappings, it's not a global one."

It doesn't need to be that way. I was talking to neolander a while back and a global mapping has some advantages when pages are shared because the pointers contained within those pages are valid in any process.

There are security implications depending on how it's used, but it's no worse than sharing pages at relocatable addresses since untrusted offsets would still need to be bounds checked
anyways. Trusted processes would have a much easier time sharing actual objects between them (and not just serializing objects to/from the shared page).

"Problem two: it's not only the base location of the executable code itself that's randomized, it also applies to libraries, data, heap and such."

It sounded to me sort of implied that his version of malloc did that. Maybe I read it too optimistically, but I don't think the post was worthy of the downvotes. (It didn't have the religious overtones like some of the other comments).

Edited 2013-04-22 09:52 UTC

Reply Parent Score: 2