Revision as of 07:37, 11 May 2008 view source osdev>Blound No edit summary ← Older edit		Revision as of 08:04, 11 May 2008 view source osdev>Blound →‎C/C++/ASM Newer edit →
Line 33: ===C/C++/ASM=== ==Exploiting== Stack Based Overflows [[Stack-Based-Overflow]] Line 48 ⟶ 49: I will add more notes later if the above links do not help or if extra special attention is paid to this topic. ==Prevention== While obviously these cannot be directly applied to hobby OSes, the ideas can certainly be used and ported to them. The best set of documents for securing systems can be found at [http://pax.grsecurity.net/docs/ PaX Design and Implementation] Pax provides almost all the operating system security you need. Reading the documents pertaining to its implementations should allow Hobby OS developers to use most of these ideas in their systems. Most current Windows/BSD (kernel) protections are based on these schemes. Userland Protections can be attributed to [http://en.wikipedia.org/wiki/Address_space_layout_randomization ASLR], Heap Cookies (along with general heap hardening), Stack Canaries, and NX. Using these mechanisms does not prevent corruption of in memory data, but instead makes using the corruption for elevated privledges/advantage very difficult.

Security: Difference between revisions