Memory randomization as application security enhancement?

Question

I recently came upon a Microsoft article that touted new "defensive enhancements" of Windows 7. Specifically:

  • Address space layout randomization (ASLR)
  • Heap randomization
  • Stack randomization

The article went on to say that "...some of these defenses are in the core operating system, and the Microsoft Visual C++ compiler offers others" but didn't explain how these strategies would actually increase security.

Anyone know why memory randomization increases security, if at all? Do other platforms and compilers employ similar strategies?

Recommended answer

It increases security by making it hard to predict where something will be in memory. Quite a few buffer overflow exploits work by putting (for example) the address of a known routine on the stack, and then returning to it. It's much harder to do that without knowing the address of the relevant routine.

As far as I know, OpenBSD was about the first to do this, at least among the reasonably well-known OSes for PCs.
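
The unpredictability the answer describes can be observed directly. The following is an added example, not part of the original question or answer: it launches a fresh process several times and counts how many different addresses the kernel chose for its stack, heap and C library. It assumes Linux (it reads `/proc/self/maps`) and a `cat` binary on `PATH`; the function names are this example's own.

```c
#define _POSIX_C_SOURCE 200809L   /* for popen() */
#include <stdio.h>
#include <string.h>

/* Start address of a /proc/<pid>/maps line naming `region`, else 0. */
unsigned long parse_region_start(const char *line, const char *region)
{
    unsigned long start = 0, end = 0;
    if (strstr(line, region) == NULL) return 0;
    if (sscanf(line, "%lx-%lx", &start, &end) != 2) return 0;
    return start;
}

/* Run a fresh process (cat, assumed to be on PATH) and return where the
   kernel mapped `region` in it. Every exec gets a new layout under ASLR. */
unsigned long region_start_in_new_process(const char *region)
{
    char line[512];
    unsigned long start = 0;
    FILE *p = popen("cat /proc/self/maps 2>/dev/null", "r");
    if (p == NULL) return 0;
    while (fgets(line, sizeof line, p) != NULL)
        if (start == 0) start = parse_region_start(line, region);
    pclose(p);
    return start;
}

/* Number of distinct placements of `region` over `runs` launches (max 64). */
int distinct_placements(const char *region, int runs)
{
    unsigned long seen[64];
    int n = 0;
    for (int i = 0; i < runs && i < 64; i++) {
        unsigned long addr = region_start_in_new_process(region);
        int known = (addr == 0);          /* ignore failed lookups */
        for (int j = 0; j < n; j++)
            if (seen[j] == addr) known = 1;
        if (!known) seen[n++] = addr;
    }
    return n;
}

int main(void)
{
    const char *regions[] = { "[stack]", "[heap]", "libc" };
    for (int i = 0; i < 3; i++)
        printf("%-8s %d distinct start addresses in 8 launches\n",
               regions[i], distinct_placements(regions[i], 8));
    return 0;
}
```

A count of 1 means the region landed at the same address on every launch, which is the situation in which a hard-coded return address keeps working; a count of 0 means the region was not found in the map.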
