|
W^X
W^X (write xor execute, pronounced ''W xor X'') is a security policy in operating systems and software frameworks. It implements executable space protection by ensuring every memory page (a fixed-size block in a program’s virtual address space, the memory layout it uses) is either writable or executable, but not both. Without such protection, a program can write (as data "W") CPU instructions in an area of memory intended for data and then run (as executable "X"; or read-execute "RX") those instructions. This can be dangerous if the writer of the memory is malicious. The terminology was first introduced in 2003 for Unix-like systems, but is today also used by some multi-platform systems (such as .NET). Other operating systems have adopted similar policies under different names (e.g., DEP in Windows). In Unix, W^X is typically controlled via the mprotect system call. It is relatively simple on processor architectures supporting fine-grained page permissions, such as SPAR ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Executable Space Protection
In computer security, executable-space protection marks memory regions as non-executable, such that an attempt to execute machine code in these regions will cause an exception. It relies on hardware features such as the NX bit (no-execute bit), or on software emulation when hardware support is unavailable. Software emulation often introduces a performance cost, or overhead (extra processing time or resources), while hardware-based NX bit implementations have no measurable performance impact. The Burroughs large systems, starting with the Burroughs 5000 introduced in 1961, implemented executable-space protection using a tagged architecture. All accesses to code and data took place through descriptors, which had memory tags preventing them from being modified; descriptors for code did not allow the code to be modified, and descriptors for data did not allow the data ta be executed as code. Today, operating systems use executable-space protection to mark writable memory areas, ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Intel 64
x86-64 (also known as x64, x86_64, AMD64, and Intel 64) is a 64-bit extension of the x86 instruction set. It was announced in 1999 and first available in the AMD Opteron family in 2003. It introduces two new operating modes: 64-bit mode and compatibility mode, along with a new four-level paging mechanism. In 64-bit mode, x86-64 supports significantly larger amounts of virtual memory and physical memory compared to its 32-bit predecessors, allowing programs to utilize more memory for data storage. The architecture expands the number of general-purpose registers from 8 to 16, all fully general-purpose, and extends their width to 64 bits. Floating-point arithmetic is supported through mandatory SSE2 instructions in 64-bit mode. While the older x87 FPU and MMX registers are still available, they are generally superseded by a set of sixteen 128-bit vector registers (XMM registers). Each of these vector registers can store one or two double-precision floating-point numbers, ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Just-in-time Compilation
In computing, just-in-time (JIT) compilation (also dynamic translation or run-time compilations) is compilation (of computer code) during execution of a program (at run time) rather than before execution. This may consist of source code translation but is more commonly bytecode translation to machine code, which is then executed directly. A system implementing a JIT compiler typically continuously analyses the code being executed and identifies parts of the code where the speedup gained from compilation or recompilation would outweigh the overhead of compiling that code. JIT compilation is a combination of the two traditional approaches to translation to machine code— ahead-of-time compilation (AOT), and interpretation—and combines some advantages and drawbacks of both. Roughly, JIT compilation combines the speed of compiled code with the flexibility of interpretation, with the overhead of an interpreter and the additional overhead of compiling and linking (not j ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
X86-64
x86-64 (also known as x64, x86_64, AMD64, and Intel 64) is a 64-bit extension of the x86 instruction set architecture, instruction set. It was announced in 1999 and first available in the AMD Opteron family in 2003. It introduces two new operating modes: 64-bit mode and compatibility mode, along with a new four-level paging mechanism. In 64-bit mode, x86-64 supports significantly larger amounts of virtual memory and physical memory compared to its 32-bit computing, 32-bit predecessors, allowing programs to utilize more memory for data storage. The architecture expands the number of general-purpose registers from 8 to 16, all fully general-purpose, and extends their width to 64 bits. Floating-point arithmetic is supported through mandatory SSE2 instructions in 64-bit mode. While the older x87 FPU and MMX registers are still available, they are generally superseded by a set of sixteen 128-bit Processor register, vector registers (XMM registers). Each of these vector registers ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Exec Shield
Exec Shield is a project started at Red Hat, Inc in late 2002 with the aim of reducing the risk of worm or other automated remote attacks on Linux systems. The first result of the project was a security patch for the Linux kernel that emulates an NX bit on x86 CPUs that lack a native NX implementation in hardware. While the Exec Shield project has had many other components, some people refer to this first patch as Exec Shield. The first Exec Shield patch attempts to flag data memory as non-executable and program memory as non-writeable. This suppresses many security exploits, such as those stemming from buffer overflows and other techniques relying on overwriting data and inserting code into those structures. Exec Shield also supplies some address space layout randomization for the mmap() and heap base. The patch additionally increases the difficulty of inserting and executing shellcode, rendering most exploits ineffective. No application recompilation is necessary to fully uti ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Mprotect
Memory protection is a way to control memory access rights on a computer, and is a part of most modern instruction set architectures and operating systems. The main purpose of memory protection is to prevent a process from accessing memory that has not been allocated to it. This prevents a bug or malware within a process from affecting other processes, or the operating system itself. Protection may encompass all accesses to a specified area of memory, write accesses, or attempts to execute the contents of the area. An attempt to access unauthorized memory results in a hardware fault, e.g., a segmentation fault, storage violation exception, generally causing abnormal termination of the offending process. Memory protection for computer security includes additional techniques such as address space layout randomization and executable-space protection. Methods Segmentation Segmentation refers to dividing a computer's memory into segments. A reference to a memory location i ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
NX Bit
The NX bit (no-execute bit) is a processor feature that separates areas of a virtual address space (the memory layout a program uses) into sections for storing data or program instructions. An operating system supporting the NX bit can mark certain areas of the virtual address space as non-executable, preventing the processor from running any code stored there. This technique, known as executable space protection or Write XOR Execute, protects computers from malicious software that attempts to insert harmful code into another program’s data storage area and execute it, such as in a buffer overflow attack. The term "NX bit" was introduced by Advanced Micro Devices (AMD) as a marketing term. Intel markets this feature as the XD bit (execute disable), while the MIPS architecture refers to it as the XI bit (execute inhibit). In the ARM architecture, introduced in ARMv6, it is known as XN (execute never). The term NX bit is often used broadly to describe similar executable space p ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Address Space Layout Randomization
Address space layout randomization (ASLR) is a computer security technique involved in preventing exploitation of memory corruption vulnerabilities. In order to prevent an attacker from reliably redirecting code execution to, for example, a particular exploited function in memory, ASLR randomly arranges the address space positions of key data areas of a process, including the base of the executable and the positions of the stack, heap and libraries. When applied to the kernel, this technique is called ''kernel address space layout randomization'' (''KASLR''). History The Linux PaX project first coined the term "ASLR", and published the first design and implementation of ASLR in July 2001 as a patch for the Linux kernel. It is seen as a complete implementation, providing a patch for kernel stack randomization since October 2002. The first mainstream operating system to support ASLR by default was OpenBSD version 3.4 in 2003, followed by Linux in 2005. Benefits Addres ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Run-time System
In computer programming, a runtime system or runtime environment is a sub-system that exists in the computer where a program is created, as well as in the computers where the program is intended to be run. The name comes from the compile time and runtime division from compiled languages, which similarly distinguishes the computer processes involved in the creation of a program (compilation) and its execution in the target machine (the runtime). Most programming languages have some form of runtime system that provides an environment in which programs run. This environment may address a number of issues including the management of application memory, how the program accesses variables, mechanisms for passing parameters between procedures, interfacing with the operating system (OS), among others. The compiler makes assumptions depending on the specific runtime system to generate correct code. Typically the runtime system will have some responsibility for setting up and managing ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Firefox
Mozilla Firefox, or simply Firefox, is a free and open-source web browser developed by the Mozilla Foundation and its subsidiary, the Mozilla Corporation. It uses the Gecko rendering engine to display web pages, which implements current and anticipated web standards. Firefox is available for Windows 10 or later versions of Windows, macOS, and Linux. Its unofficial ports are available for various Unix and Unix-like operating systems, including FreeBSD, OpenBSD, NetBSD, and other operating systems, such as ReactOS. Firefox is also available for Android and iOS. However, as with all other iOS web browsers, the iOS version uses the WebKit layout engine instead of Gecko due to platform requirements. An optimized version is also available on the Amazon Fire TV as one of the two main browsers available with Amazon's Silk Browser. Firefox is the spiritual successor of Netscape Navigator, as the Mozilla community was created by Netscape in 1998, before its acqui ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
I386
The Intel 386, originally released as the 80386 and later renamed i386, is the third-generation x86 architecture microprocessor from Intel. It was the first 32-bit processor in the line, making it a significant evolution in the x86 architecture. Pre-production samples of the 386 were released to select developers in 1985, while mass production commenced in 1986. The 386 was the central processing unit (CPU) of many workstations and high-end personal computers of the time. The 386 began to fall out of public use starting with the release of the i486 processor in 1989, while in embedded systems the 386 remained in widespread use until Intel finally discontinued it in 2007. Compared to its predecessor the Intel 80286 ("286"), the 80386 added a three-stage instruction pipeline which it brings up to total of 6-stage instruction pipeline, extended the architecture from 16-bits to 32-bits, and added an on-chip memory management unit. This paging translation unit made it muc ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
