Hacker News new | past | comments | ask | show | jobs | submit login

This is a fascinating topic, are there any practical real life implementations of this?



This presentation is an overview of many different mitigations spanning ~27 years. Some are quite widely implemented. I'm less familiar with the newer stuff, but here's some I've run into.

No-exec stacks: some UNIX machines, tons of systems today.

w^x: win xp+, Linux, several RTOS, OpenBSD, lots of others

aslr: requires MMU. OpenBSD, contemporary Windows(but partially opt in?), Linux.

X-only: Arm has supported X-only for their embedded stuff for a while, and it's fairly lightweight, though you lose PC-relative loads.


OpenBSD?


It's worth noting that the new mitigations discussed in the talk are only available in -current. They'll be in the next release though (which should be coming in the next few months).


April being the best guess currently, though end of likely, because May 1st is the usual goal. The best guess being April, because it's what the (non-finished) 7.3 page says for the month right now. Of course that's not a guarantee, but it makes it likely. Also a branch of 7.3 already exists.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: