如何启用DEP和ASLR对我的.NET应用程序? [英] How do I enable DEP or ASLR for my .NET application?

查看:467
本文介绍了如何启用DEP和ASLR对我的.NET应用程序?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我写在VS2010我的程序和构建目标是.NET 4相信的 DEP 兼容性标志默认是打开的。是真的吗?

I'm writing my program in VS2010 and the build target is .NET 4. I believe that the DEP compatibility flag is on by default. Is that true?

是.NET也默认兼容 ASLR 和ASLR是默认打开的我的过程中,还是必须要求它在运行时?

Is .NET also compatible by default with ASLR, and is ASLR turned on by default for my process, or do I have to request it at runtime?

推荐答案

是的,NXCOMPAT标志,因为.NET 2.0 SP1打开的标准.NET语言编译器。

Yes, the NXCOMPAT flag is turned on by the standard .NET language compilers since .NET 2.0 SP1.

ASLR本质上是在自动凭借JIT编译器的.NET程序。凡将会把JIT编译机code是联合国predictable。尽管这将可能是可重复的精确的相同的机器上使用CLR完全相同的修订号和的启动code中的完全相同的流和完全相同的DLL得到注入过程。不容易被恶意软件定位的虽然。该NGEN-ED .NET组件支持ASLR,因为.NET 3.5 SP1的发布。

ASLR is essentially automatic in .NET programs by virtue of the JIT compiler. Where it will place the JIT compiled machine code is unpredictable. Albeit that it will likely be repeatable on the exact same machine with the exact same revision number of the CLR and the exact same flow of the startup code and the exact same DLLs getting injected into the process. Not easily targetable by malware though. The ngen-ed .NET assemblies support ASLR since the .NET 3.5 SP1 release.

更厉害的是ASLR的数据,对攻击的更重要了应对措施。重要的,因为攻击的绝大多数下手恶意数据。每当你开始你的程序,一个线程,GC堆和静态数据的变化栈的位置。可以说是相当痛苦的,你正试图顺便说一句调试的大道。

Much more powerful is the ASLR for data, the more essential counter-measure against attacks. Important because the vast majority of attacks start with malicious data. Every time you start your program, the location of stack of a thread, the GC heap and static data changes. Can be quite painful of you are trying to debug an AVE btw.

ASLR抵御已知unpatchable安全漏洞。该安全漏洞有第一,罕见的可验证code存在。

ASLR protects against known unpatchable security flaws. The security flaw has to exist first, uncommon in verifiable code.

这篇关于如何启用DEP和ASLR对我的.NET应用程序?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆