Security-related innovation in Unix

Security-related innovation in Unix
Jason Miller, 2005-09-28

Recently, a good friend of mine forwarded me an article from kerneltrap.org, which talked about a new heap implementation that's being introduced into an upcoming release of the OpenBSD operating system. This article was of specific interest to me, as I have been experimenting with the creation of a more secure heap implementation myself.

Expand all | Post comment

Security in Unix 2005-09-29
Alexey Vesnin

Security-related innovation in Unix 2005-10-03
Anonymous (9 replies)

Re: Security-related innovation in Unix 2005-10-03
Anonymous

Re: Security-related innovation in Unix 2005-10-04
Jose Roman

Security-related innovation in Unix 2005-10-03
David Emery (1 replies)

One of the things that Ada supports is the notion of strongly typed heaps, and has mechanisms to establish the max size of the heap for each "access type". This is what I think we really need. A big part of the security problem with heaps in C/C++ is that they're completely untyped, which makes it very difficult to put any semantics onto pointer dereferencing (including pointer alignment within a heap as well as access to an address that's not in the currently valid heap.)

Java fixes these problems similarly, but without Ada's control mechanisms.

Many of the security problems that we're looking to operating systems/computer architectures to fix are problems created by mediocre (but popular!) programming langauges.

dave

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/359/32477#32477

Re: Security-related innovation in Unix 2005-10-05
Anonymous

Security-related innovation in Unix 2005-10-03
Todd Knarr (1 replies)

Re: Security-related innovation in Unix 2005-10-05
Anonymous

It is a contraction! 2005-10-05
English_language

Security-related innovation in Unix 2005-10-05
Anonymous