Captain Code
June 27th, 2008, 06:10 AM
http://blogs.zdnet.com/security/?p=1325
Full address space randomization
No Execute on heap, not just the stack
64-bit processes: Function arguments passed in registers, not the stack. Makes it much harder to exploit with address space randomization and NX on heap and stack
Fully sandbox vulnerable applications like Safari & Mail
Mandatory code signing for kernel extensions. This would stop a malicious kernel extension from being loaded if it wasn't cryptographically signed by the author.
All are very good improvements. Apple has expressed interest in implementing more restrictions with code signing, and making core system components require it will make it that much harder for someone to install stuff in the system and go undetected. It seems they're already moving towards 64-bit processes for all their apps as well.