On 6/29/06, Joco Salvatti <[EMAIL PROTECTED]> wrote:
>
> Hi all...
>
> I'd like to know if OpenBSD's gcc build binary files with built-in
> stack-smashing attacks protection.
>
> Thanks.
>
>
> --
> Joco Salvatti
> Undergraduating in Computer Science
> Federal University of Para - UFPA
> web: http://www.openbsd-pa.org
> e-mail: [EMAIL PROTECTED]
>
> Quote:
"
New Technologies
As we audit source code, we often invent new ways of solving problems.
Sometimes these ideas have been used before in some random application
written somewhere, but perhaps not taken to the degree that we do.
- strlcpy() and strlcat()
- Memory protection purify
- W^X
- .rodata segment
- Guard pages
- Randomized malloc()
- Randomized mmap()
- atexit() and stdio protection
- Privilege separation
- Privilege revocation
- Chroot jailing
- New uids
- ProPolice
- ... and others"
Read up on Propolice: http://www.trl.ibm.com/projects/security/ssp/
// dunceor
