Version 8 (modified 6 years ago)
Low-Hanging Fruit
- Audit filesystem privilege checks
- Audit permissions of all folders in the default install
- Audit all syscalls & ioctls (_control) for privilege checks.
  - _area functions probably need a lot of thinking here
- Run the userland as a non-privileged user
- Fuzz all in-tree parsers
  - driver settings format
  - message
  - rdef
- getentropy and arc4random (https://review.haiku-os.org/#/c/haiku/+/32/)
- secure memory allocation (non-swappable and erased on free, e.g. mmap + mlock, https://github.com/gpg/libgcrypt/blob/master/src/secmem.c)
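The secure memory allocation item above, as an added example that is not Haiku's or libgcrypt's own code: a minimal allocator that backs each allocation with its own anonymous mapping, pins it with mlock so it cannot be written to swap, and wipes it before munmap. The names secmem_alloc, secmem_free and secmem_selftest are hypothetical.

```c
#define _DEFAULT_SOURCE
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

/* Header in front of the user region: secmem_free() reads the mapping size from it. */
struct secmem_hdr {
    size_t len;   /* whole mapping, page-aligned */
    size_t pad;   /* keeps the user region 16-byte aligned */
};

/* memset reached through a volatile pointer so the compiler cannot drop the
 * "dead" wipe that precedes munmap(). */
static void *(*const volatile secmem_memset)(void *, int, size_t) = memset;

/* Allocate `size` bytes pinned in RAM. Returns NULL on failure and never hands
 * out a mapping that could not be locked. */
void *secmem_alloc(size_t size)
{
    long page = sysconf(_SC_PAGESIZE);
    if (page <= 0 || size == 0 || size > SIZE_MAX - sizeof(struct secmem_hdr) - (size_t)page)
        return NULL;
    size_t total = (size + sizeof(struct secmem_hdr) + (size_t)page - 1) & ~((size_t)page - 1);
    void *base = mmap(NULL, total, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (base == MAP_FAILED)
        return NULL;
    if (mlock(base, total) != 0) {   /* RLIMIT_MEMLOCK or missing privilege: refuse swappable memory */
        munmap(base, total);
        return NULL;
    }
    struct secmem_hdr *h = base;
    h->len = total;
    h->pad = 0;
    return (unsigned char *)base + sizeof(struct secmem_hdr);
}

/* Wipe, unlock and unmap; safe on NULL. */
void secmem_free(void *p)
{
    if (p == NULL) return;
    struct secmem_hdr *h = (struct secmem_hdr *)((unsigned char *)p - sizeof(struct secmem_hdr));
    size_t total = h->len;
    secmem_memset(h, 0, total);
    munlock(h, total);
    munmap(h, total);
}

/* Returns 1 if a 100-byte secure region can be allocated, written, read back and freed. */
int secmem_selftest(void)
{
    unsigned char *key = secmem_alloc(100);
    if (key == NULL) return 0;
    memset(key, 0xA5, 100);
    int ok = (key[0] == 0xA5 && key[99] == 0xA5);
    secmem_free(key);
    return ok;
}
```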
Moderate
- W^X (now done for kernelspace)
- Don't allow opening files by inode (requires ABI break)
- devfs filemodes
- Spectre mitigations via GCC flags
Advanced
- NetBSD/FreeBSD's KLEAK: Detecting Kernel Memory Disclosures
- OpenBSD on mitigating ROP gadgets
- AT_BENEATH and other breakout mitigations for VFS
- Meltdown?
Already done
- SMEP/SMAP
- ASLR
- execute disable