SOURCE and Linux Security Protection Mechanisms (2)

Compile Time Buffer Checks (FORTIFY_SOURCE)

The GCC compiler and the glibc C library in Fedora Core 4 onwards have gained a feature called "FORTIFY_SOURCE" that detects and prevents a subset of buffer overflows before they can do damage. The idea behind FORTIFY_SOURCE is relatively simple: there are cases where the compiler can know the size of a buffer (if it's a fixed-size buffer on the stack, as in the example, or if the buffer just came from a malloc() function call). With a known buffer size, functions that operate on the buffer can make sure the buffer will not overflow. FORTIFY_SOURCE in Fedora 8 has been enhanced to cover C++ in addition to C, which prevents many security exploits.
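The size check described above can be reproduced with GCC's `__builtin_object_size`, the builtin that fortified glibc functions rely on to learn a destination's size. This is an added example, not code from the original page or from glibc; `DST_SIZE`, `copy_checked` and the sample input are hypothetical, and the check returns -1 where glibc would abort the program.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical names for this example. (size_t)-1 means "size unknown". */
#define DST_SIZE(p) __builtin_object_size((p), 0)
#define copy_checked(d, s, n) copy_checked_impl((d), DST_SIZE(d), (s), (n))

/* Returns 0 after copying, -1 when n exceeds a known destination size.
 * glibc's fortified functions abort the process at this point instead. */
static int copy_checked_impl(void *dst, size_t dst_size,
                             const void *src, size_t n)
{
    if (dst_size != (size_t)-1 && n > dst_size)
        return -1;
    memcpy(dst, src, n);
    return 0;
}

/* Fixed-size stack buffer, input fits: the copy goes ahead. */
int copy_that_fits(void)
{
    char buf[16];
    return copy_checked(buf, "hello", sizeof "hello");
}

/* Same buffer, 32 bytes of constructed input: rejected before any write. */
int copy_that_overflows(void)
{
    char buf[16];
    char input[32];
    memset(input, 'A', sizeof input);
    return copy_checked(buf, input, sizeof input);
}

/* The "subset" caveat: when the pointer's origin is hidden from the
 * compiler (here by a volatile load), the size is unknown: no check. */
int size_is_unknown(void)
{
    char buf[16];
    char *volatile hidden = buf;
    char *p = hidden;
    return DST_SIZE(p) == (size_t)-1;
}

int main(void)
{
    printf("%d %d %d\n", copy_that_fits(), copy_that_overflows(), size_is_unknown());
    return 0;
}
```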

ELF (Executable and Linkable Format) Data Hardening

These are changes to the file components that protect the structure of the file itself.

Restricted Kernel Memory Access

Fedora restricts how kernel memory (/dev/mem) can be overwritten. This prevents several rootkits from functioning, resulting in a safer and more secure system.

Stack Smash Protection, Buffer Overflow Detection, and Variable Reordering

All of the software in the Fedora Package Collection is compiled using a security feature called -fstack-protector. It puts a canary value on the stack of key functions, just before the return address, and just before returning from the function that canary value is verified. If there was a buffer overflow, the canary no longer matches and the program aborts. The canary value is random each time the application is started, which makes it impossible to guess remotely. This security feature has been backported from GCC 4.1 to the version of the GCC compiler used in Fedora Core 5 test1. It was written by Red Hat developers and provides functionality similar to the IBM propolice/ssp patches.

Secure remote management for Xen, KVM, and QEMU virtualization

The libvirt Xen and KVM management API in Fedora 8 and above can be securely used from a remote host, using SSL/TLS encryption and x509 certificates for client authentication. The VNC server for Xen and KVM supports the VeNCrypt protocol extension, encrypting the entire guest console session with SSL/TLS and x509 certificates.

The virt-manager application can take advantage of these improvements to allow secure remote management of multiple servers. As an alternative to SSL, virt-manager can also tunnel both libvirt and VNC over SSH. Further details can be found on the virt-manager wiki.

Glibc Enhancements

The glibc package in Fedora 8 and above has support for passwords using SHA256 and SHA512 hashing. Previously, only DES and MD5 were available. The tools to create passwords have not been extended yet, but if such passwords are created in other ways, glibc will recognize and honor them.
