Owl security features


Strong password cryptography

FIXME What does this have to do with the kernel?

Network address based access control

Integrity checking

Address Space Layout Randomisation (ASLR)

Stack ASLR


NX bit

Mmap min address protection

Module loading


Source code review


Configuration and administration facilities


GCC and glibc features

Stack Protector

Heap Protector

Non-Executable Memory

Fromat security

Fortify source

Position Independent Executable (PIE)

Relro and bind now

Owl packages built with these GCC features

Packages Fortify Stack protector PIE Relro Full relro

Use the checksec.sh shell script to check the mitigation techniques that are built on binaries. This script can also check some Linux kernel protection mechanisms.

Additional documentation

Owl/security.txt · Last modified: 2011/04/01 15:57 by solar
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Noncommercial-Share Alike 3.0 Unported
Recent changes RSS feed Donate to DokuWiki Powered by PHP Valid XHTML 1.0 Valid CSS Driven by DokuWiki Powered by OpenVZ Powered by Openwall GNU/*/Linux