Changes between Version 8 and Version 9 of FutureHaiku/Security
- Timestamp:
- Dec 11, 2018, 6:07:35 PM (6 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
FutureHaiku/Security
v8 v9 1 == Already done == 2 3 * {{{W^X}}} for the kernel 4 * SMEP/SMAP 5 * ASLR & KASLR 6 * NX bit 7 1 8 == Low-Hanging Fruit == 2 9 … … 10 17 * message 11 18 * rdef 12 * getentropy and arc4random (https://review.haiku-os.org/#/c/haiku/+/32/) 19 20 * getentropy & arc4random (https://review.haiku-os.org/#/c/haiku/+/32/) 13 21 * secure memory allocation (non-swappable and erased on free, eg. mmap + mlock, https://github.com/gpg/libgcrypt/blob/master/src/secmem.c) 14 22 15 23 == Moderate == 16 24 17 * ~~{{{W^X}}}~~ (now [https://git.haiku-os.org/haiku/commit/?id=cb0977326dd79327ff3e342816e0dd118019b058 done] for kernelspace)18 25 * Don't allow opening files by inode (requires ABI break) 19 26 * devfs filemodes … … 27 34 * Meltdown? 28 35 29 == Already done==36 == Far Out == 30 37 31 * SMEP/SMAP 32 * ASLR 33 * execute disable 38 * Capability-based permissions (Android-style, disableable & re-enableable), probably added to package flags