Changes between Version 8 and Version 9 of FutureHaiku/Security


Ignore:
Timestamp:
Dec 11, 2018, 6:07:35 PM (20 months ago)
Author:
waddlesplash
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • FutureHaiku/Security

    v8 v9  
     1== Already done ==
     2
     3 * {{{W^X}}} for the kernel
     4 * SMEP/SMAP
     5 * ASLR & KASLR
     6 * NX bit
     7
    18== Low-Hanging Fruit ==
    29
     
    1017   * message
    1118   * rdef
    12  * getentropy and arc4random (https://review.haiku-os.org/#/c/haiku/+/32/)
     19
     20 * getentropy & arc4random (https://review.haiku-os.org/#/c/haiku/+/32/)
    1321 * secure memory allocation (non-swappable and erased on free, eg. mmap + mlock, https://github.com/gpg/libgcrypt/blob/master/src/secmem.c)
    1422
    1523== Moderate ==
    1624
    17  * ~~{{{W^X}}}~~ (now [https://git.haiku-os.org/haiku/commit/?id=cb0977326dd79327ff3e342816e0dd118019b058 done] for kernelspace)
    1825 * Don't allow opening files by inode (requires ABI break)
    1926 * devfs filemodes
     
    2734 * Meltdown?
    2835
    29 == Already done ==
     36== Far Out ==
    3037
    31  * SMEP/SMAP
    32  * ASLR
    33  * execute disable
     38 * Capability-based permissions (Android-style, disableable & re-enableable), probably added to package flags