Home > Software > Linux



OpenBSD

Sort Desciption:

The OpenBSD UNIX variant was designed with an additional emphasis on security. ... OpenBSD adopted phkmalloc and adapted it to support guard pages and ...



Content Inside:

OpenBSDPage 11.daisy:268 (Plakosh Daniel)OpenBSDDaniel Plakosh Software Engineeering Institute vita1]Copyright 2005 Pearson Education Inc.20050927The OpenBSD UNIX variant was designed with an additional emphasis on security. In particularOpenBSD adopted phkmalloc and adapted it to support guard pages and randomization.Development ContextDynamic memory managementTechnology ContextC++ C OpenBSDAttacksAttacker executes arbitrary code on machine with permissions of compromised process or changes thebehavior of the program.RiskStandard C dynamic memory management functions such as malloc() calloc() and free()ISO/IEC 99] are prone to programmer mistakes that can lead to vulnerabilities resulting from bufferoverflow in the heap writing to already freed memory and freeing the same memory multiple times(e.g. doublefree vulnerabilities).DescriptionThe OpenBSD UNIX variant was designed with an additional emphasis on security. OpenBSD adoptedphkmalloc and adapted it to support guard pages and randomization. Table 1 shows some of theadditional security options added for the OpenBSD version of phkmalloc. The default options are AJ.Table 1. OpenBSD additional phkmalloc optionsFlagDescriptionFFreeguard. Enable use after free protection.Unused pages on the freelist are read and writeprotected to cause a segmentation fault uponaccess.GGuard. Enable guard pages and chunkOpenBSD1ID: 269 | Version: 5 | Date: 3/21/06 5:37:16 PMPage 2randomization. Each page size or larger allocationis followed by a guard page that will cause asegmentation fault upon any access. Smaller thanpagesize chunks are returned in a random order.ReferencesISO/IEC 99]ISO/IEC. ISO/IEC 9899 Second edition19991201 Programming Languages C.International Organization for Standardization1999.Pearson Education Inc. CopyrightThis material is excerpted from Secure Coding in C and C++ by Robert C. Seacord copyright 2006by Pearson Education Inc. published as a CERTbook in the SEI Series in Software Engineering. Allrights re ...

Source: buildsecurityin.us-cert.gov


add to Google Reader add to Google Bookmark add to bloglines add to newsgator add to FURL add to digg add to webnews add to Netscape add to Yahoo MyWeb add to spurl.net add to diigo Bookmark newsvine Bookmark del.icio.us Bookmark @ SIMPIFY Bookmark MISTER WONG Bookmark Linkarena Bookmark icio.de Bookmark oneview Bookmark folkd.com Bookmark yigg.de Bookmark reddit Bookmark StumbleUpon Bookmark Slashdot Bookmark blinklist Bookmark technorati add to blogmarks add to blinkbits add to ma.gnolia add to smarking.com add to netvouz add to co.mments add to Connotea add to de.lirio.us
Search Terms:

 

Related Files

TruePort Linux User Guide

Filed under: Software and Linux
TruePort Linux User Guide, Version 6.0, Part #5500164-10 1 TruePort Linux User Guide This document ... SSL/TLS Trouble Shooting ...

066 - Advanced Unix/Linux Admin & Microsoft Windows Integration

Filed under: Software and Linux
... com.au www.mit.com.au Overview This course has a strong practical slant covering the use of Linux ... and test login i) Security - Iptables, firewalling j) Putty -secure remote admin Day 5 Trouble shooting a ...

Using under OpenBSD

Filed under: Software and Linux
participates in the de] OpenBSD Translation Project. . runs the OpenBSD mirror at the University of Erlangen. Germany (. anoncvs2.de.openbsd.org ...

eurobsdcon 05 For Your Information: OpenBSD @ eurobsdcon 05 ...

Filed under: Software and Linux
Implementing and deploying OpenBSD based wireless networks using hostapd ... cesspoints and a centralized OpenBSD network booting and management server. ...

Using OpenBSD and Snort to build ready to roll Network Intrusion ...

Filed under: Software and Linux
Overview of OpenBSD and Snort. Deployment of Distributed Network Intrusion ... $OpenBSD: Makefilev1.201 2004/02/29 18:02:14 deraadt Exp $ ...