Exec Shield


Exec Shield is a project started at Red Hat, Inc. in late 2002 with the aim of reducing the risk of worm or other automated remote attacks on Linux systems. The first result of the project was a security patch for the Linux kernel that emulates an NX bit on x86 CPUs that lack a native NX implementation in hardware. While the Exec Shield project has had many other components, some people refer to this first patch alone as Exec Shield.

The first Exec Shield patch attempts to flag data memory as non-executable and program memory as non-writeable. This suppresses many security exploits, such as those stemming from buffer overflows and other techniques relying on overwriting data and inserting code into those structures. Exec Shield also supplies some address space layout randomization for the mmap() and heap base.

The patch additionally increases the difficulty of inserting and executing shellcode, rendering most such exploits ineffective. No application recompilation is necessary to fully utilize Exec Shield, although some applications (Mono, Wine, XEmacs) are not fully compatible.

Other features that came out of the Exec Shield project were the so-called Position Independent Executables (PIE), the address space randomization patch for Linux kernels, a wide set of glibc internal security checks that make heap and format string exploits nearly impossible, the GCC Fortify Source feature, and the port and merge of the GCC stack-protector feature.

Implementation

Exec Shield works on all x86 CPUs by using the Code Segment (CS) limit. Because of the way Exec Shield works, it is very lightweight; however, it cannot fully protect arbitrary virtual memory layouts. If the CS limit is raised, for example by calling mprotect() to make higher memory executable, then the protection is lost for everything below that limit. Ingo Molnar points this out in an e-mail conversation. Fortunately, most applications lay out their memory sensibly: the stack (the important part) at least ends up above any mapped libraries, so it does not become executable except through explicit calls by the application.

As of August 2004, nothing from the Exec Shield project attempts to enforce memory protections by restricting mprotect() on any architecture: although memory may not initially be executable, it may become executable later, and the kernel will allow an application to mark memory pages as both writable and executable at the same time. However, in cooperation with the Security-Enhanced Linux (SELinux) project, the standard policy for the Fedora Core distribution does prohibit this behavior for most executables, with only a few exceptions for compatibility reasons.

History

Exec Shield was developed by various people at Red Hat; the first patch was released by Ingo Molnar of Red Hat in May 2003. It is part of Fedora Core 1 through 6 and Red Hat Enterprise Linux 3 (Update 3) and 4. [1] [2] Other people involved include Jakub Jelínek, Ulrich Drepper, Richard Henderson and Arjan van de Ven.

See also

*NX bit
*Openwall
*PaX
*StackGuard
*W^X

References

* [1] Fedora Core 1 Release Notes, Red Hat, Inc., November 2003. http://docs.fedoraproject.org/release-notes/fc1/x86/ (archived 2003-12-02 at http://web.archive.org/web/20031202145058/http://fedora.redhat.com/docs/release-notes/ ; accessed 2007-10-18)
* [2] Arjan van de Ven, "New Security Enhancements in Red Hat Enterprise Linux v.3, update 3" (PDF), Red Hat, Inc., August 2004. http://www.redhat.com/f/pdf/rhel/WHP0006US_Execshield.pdf (archived 2005-05-12 at http://web.archive.org/web/20050512030425/http://www.redhat.com/f/pdf/rhel/WHP0006US_Execshield.pdf ; accessed 2007-10-18)

External links

* [http://people.redhat.com/mingo/exec-shield/ Ingo Molnar's Exec Shield patch web page], includes documentation in the file [http://people.redhat.com/mingo/exec-shield/ANNOUNCE-exec-shield ANNOUNCE-exec-shield]
* [http://www.newsforge.com/os/03/05/02/1914223.shtml?tid=23 Newsforge Feature Article]
* [http://www.redhat.com/magazine/009jul05/features/execshield/ Red Hat Magazine Feature/Project Article]
* [http://lists.immunityinc.com/pipermail/dailydave/2007-May/004340.html Negative security issues with ExecShield]


Wikimedia Foundation. 2010.
