Buffer Overflow Solutions in OpenBSD

OpenBSD: Buffer Overflow “Solutions” – KernelTrap
Theo de Raadt: “In the last while, a couple of people in OpenBSD have been putting
some buffer overflow “solutions” into our source tree; under my
continual prodding. I thought I would summarize some of these and how
they fit together, since what I have seen written up so far has been
wildly inaccurate. (Bad reporter, no cookie).

These are, in short form:

1) PROT_* purity
2) W^X
3) .rodata
4) propolice”

[See also grsecurity
which includes StackGuard.]

Leave a Reply