Date: Sat, 11 Oct 2014 01:53:31 +0000 (UTC)
From: Benjamin Kaduk <bjk@FreeBSD.org>
To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org
Subject: svn commit: r45786 - head/en_US.ISO8859-1/htdocs/news/status
Message-ID: <201410110153.s9B1rVgF041153@svn.freebsd.org>
Author: bjk Date: Sat Oct 11 01:53:30 2014 New Revision: 45786 URL: https://svnweb.freebsd.org/changeset/doc/45786 Log: Add the ASLR report Approved by: hrs (mentor, blanket) Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-07-2014-09.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-07-2014-09.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-07-2014-09.xml Sat Oct 11 01:49:33 2014 (r45785) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-07-2014-09.xml Sat Oct 11 01:53:30 2014 (r45786) 
@@ -2096,4 +2096,94 @@ </task> </help> </project> + + <project cat='proj'> + <title>Address Space Layout Randomization (ASLR)</title> + + <contact> + <person> + <name> + <given>Shawn</given> + <common>Webb</common> + </name> + + <email>shawn.webb@hardenedbsd.org</email> + </person> + <person> + <name> + <given>Oliver</given> + <common>Pinter</common> + </name> + + <email>oliver.pinter@hardenedbsd.org</email> + </person> + </contact> + + <links> + <url href="http://hardenedbsd.org/">The HardenedBSD Project</url> + <url href="https://reviews.freebsd.org/D473">ASLR review + on Phabricator</url> + <url href="https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=193940"> + EXP-RUN test results</url> + <url href="https://wiki.freebsd.org/201409DevSummit/ASLR">EuroBSDCon + 2014 Devsummit page on ASLR</url> + <url href="https://wiki.freebsd.org/AddressSpaceLayoutRandomization"> + FreeBSD wiki page on ASLR</url> + </links> + + <body> + <p>Address Space Layout Randomization (ASLR) is a computer + security technique that aids in mitigating low-level + vulnerabilities such as buffer overflows. In order to + prevent an attacker from knowing where a given + exploitable vulnerability lies in memory, ASLR randomizes + the memory layout of running applications.</p> + + <p>FreeBSD lacks behind the industry in exploit mitigation + technologies. ASLR is a great first step in implementing + such technologies. Future exploit mitigation technologies + will rely on ASLR.</p> + + <p>A lot has happened in the last few months. Shawn Webb gave + presentations at both BSDCan 2014 and EuroBSDCon 2014. The + presentations were met with a lot of support and backing. + At the end of EuroBSDCon, an awesome developer named Ilya + Bakulin fixed our ARM bug. Shawn Webb and Oliver Pinter + have submitted our patch to Phabricator, FreeBSD's new + code review utility. 
Shawn Webb added an API for allowing + a debugger to disable ASLR in order to support + deterministic debugging with applications such as lldb or + gdb. Oliver Pinter enhanced the performance of our ASLR + implementation. A package building exp-run was ran and came + out favorably in terms of performance. Shawn Webb bumped up + the maximum number of bits allowed to be randomized to 20 + and set the default to 14.</p> + + <p>To aid in the upstreaming process of the ASLR project and + other security-related projects, Shan Webb and Oliver Pinter + founded The HardenedBSD project. It exists primarily to + serve as a staging area for bleeding-edge development of + security-related projects for FreeBSD prior to being merged + upstream.</p> + + </body> + + <sponsor>SoldierX</sponsor> + + <help> + <task> + <p>Get more people testing and reviewing our patch</p> + </task> + <task> + <p>Run more performance tests</p> + </task> + <task> + <p>Figure out why the two ports failed in the EXP-RUN. + Involve the port maintainers.</p> + </task> + <task> + <p>Test on different architectures (we need help with this)</p> + </task> + </help> + </project> </report>
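Review bot: In the last body paragraph the contact's name is misspelled as "Shan Webb"; the contact block and every other mention in this entry spell it "Shawn Webb". Two more wording fixes in the body: "FreeBSD lacks behind the industry" in the second paragraph should read "lags behind", and "A package building exp-run was ran" in the third should be "was run". The help task "Figure out why the two ports failed in the EXP-RUN" refers to failures the body never mentions, since the body only says the run "came out favorably in terms of performance"; one sentence in the body stating that two ports failed would make that task understandable without opening the Bugzilla link. The body also writes "The HardenedBSD project" while the link text uses "The HardenedBSD Project", so one capitalisation should be used for both.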