by Anonymous Coward writes:
on Wednesday January 14, 2015 @10:30AM (#48810705)
According to Wikipedia, which is always right:
Similar features are available for other operating systems, including the PaX and Exec Shield patches for Linux, and NetBSD 4+'s implementation of PaX.
Still of limited value. ROP [wikipedia.org] already bypasses DEP/NX protections, which are required for W^X to be effective. ROP techniques are used to great effect in iPhone jailbreaks.
These protections may guard against a (very small subset of) casual attackers, but they're just another minor hurdle for determined attackers.
with BSD being in everything from printers to elevator controllers (and Apple products), it's not a small target but more of a less visible one to date
True. This was also my first reaction. If you read the whole post and speak BSD, however, you'll notice that full kernel-space ASLR is under way as well. So, once again, OpenBSD leads exploit mitigation.
ASLR is already implemented in Windows (since Vista for libraries, and 7 for kernel, IIRC) and OS X (since 10.5 for libraries, and 10.8 for everything), in iOS since 4.3, Android since 4.0.
I'll leave it as a judgment call to the reader as to how effective/successful any of those have been.
Professional wrestling: ballet for the common man.
Status on other UNIX like kernels (Score:1)
Does anyone know what the status is on other UNIX like kernels with respect to this W^X security feature? Is OpenBSD pioneering new ground here?
Re:Status on other UNIX like kernels (Score:5, Informative)
According to Wikipedia, which is always right:
Similar features are available for other operating systems, including the PaX and Exec Shield patches for Linux, and NetBSD 4+'s implementation of PaX.
W^X [wikipedia.org]
Re:Status on other UNIX like kernels (Score:5, Insightful)
Except that only userland benefitted from that till now.
Now it's even for the kernel, that's the news here.
Re: (Score:3)
Still of limited value. ROP [wikipedia.org] already bypasses DEP/NX protections, which are required for W^X to be effective. ROP techniques are used to great effect in iPhone jailbreaks.
These protections may guard against a (very small subset of) casual attackers, but they're just another minor hurdle for determined attackers.
For a primer, see also: https://en.wikipedia.org/wiki/... [wikipedia.org] (And the rest of the article.)
The biggest security advantage that BSD has is being such a small target.
Re: (Score:3)
with BSD being in everything from printers to elevator controllers (and Apple products), it's not a small target but more of a less visible one to date
Re: Status on other UNIX like kernels (Score:2)
True. This was also my first reaction.
If you read the whole post and speak BSD, however, you'll notice that full kernel-space ASLR is under way as well. So, once again, OpenBSD leads exploit mitigation.
Re: (Score:2)
ASLR is already implemented in Windows (since Vista for libraries, and 7 for kernel, IIRC) and OS X (since 10.5 for libraries, and 10.8 for everything), in iOS since 4.3, Android since 4.0.
I'll leave it as a judgment call to the reader as to how effective/successful any of those have been.