> From: Jason Coombs [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, February 05, 2003 5:08 PM
> A properly security-hardened binary DOES NOT require support
> for arbitrary relocations, arbitrary dynamic library injection,
> arbitrary code injection resulting in new execute paths defined at
> run-
ubject: RE: Observation on randomization/rebiasing...
> From: Jason Coombs [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, February 05, 2003 5:08 PM
> A properly security-hardened binary DOES NOT require support
> for arbitrary relocations, arbitrary dynamic library injection,
>
Nicholas Weaver wrote:
> There already IS some randomization in Sapphire's host,
> and the Sapphire code goes through the routine to disambiguate
GetProcAddress and similar APIs were not created with security in mind. They
were built for the benefit of programmers, who also were not created with
s
