HOME

TheInfoList



Click Here for Items Related To - Exec Shield
OR:
Exec Shield on:   [Wikipedia]   [Google]   [Amazon]

Exec Shield is a project started at Red Hat, Inc in late 2002 with the aim of reducing the risk of worm or other automated remote attacks on Linux systems. The first result of the project was a
security" \n\n\nsecurity.txt is a proposed standard for websites' security information that is meant to allow security researchers to easily report security vulnerabilities. The standard prescribes a text file called \"security.txt\" in the well known locat ...
patch for the
Linux kernel The Linux kernel is a free and open-source, monolithic, modular, multitasking, Unix-like operating system kernel. It was originally authored in 1991 by Linus Torvalds for his i386-based PC, and it was soon adopted as the kernel for the GNU ...
that emulates an
NX bit The NX bit (no-execute) is a technology used in CPUs to segregate areas of memory for use by either storage of processor instructions or for storage of data, a feature normally only found in Harvard architecture processors. However, the NX bit is ...
on x86 CPUs that lack a native NX implementation in hardware. While the Exec Shield project has had many other components, some people refer to this first patch as Exec Shield. The first Exec Shield patch attempts to flag data memory as non-executable and program memory as non-writeable. This suppresses many security exploits, such as those stemming from
buffer overflow In information security and programming, a buffer overflow, or buffer overrun, is an anomaly whereby a program, while writing data to a buffer, overruns the buffer's boundary and overwrites adjacent memory locations. Buffers are areas of memor ...
s and other techniques relying on overwriting data and inserting code into those structures. Exec Shield also supplies some
address space layout randomization Address space layout randomization (ASLR) is a computer security technique involved in preventing exploitation of memory corruption vulnerabilities. In order to prevent an attacker from reliably jumping to, for example, a particular exploited ...
for the
mmap In computing, mmap(2) is a POSIX-compliant Unix system call that maps files or devices into memory. It is a method of memory-mapped file I/O. It implements demand paging because file contents are not immediately read from disk and initially use n ...
() and heap base. The patch additionally increases the difficulty of inserting and executing
shellcode In hacking, a shellcode is a small piece of code used as the payload in the exploitation of a software vulnerability. It is called "shellcode" because it typically starts a command shell from which the attacker can control the compromised mac ...
, rendering most exploits ineffective. No application recompilation is necessary to fully utilize exec-shield, although some applications (
Mono Mono may refer to: Common meanings * Infectious mononucleosis, "the kissing disease" * Monaural, monophonic sound reproduction, often shortened to mono * Mono-, a numerical prefix representing anything single Music Performers * Mono (Japanese ...
,
Wine Wine is an alcoholic drink typically made from fermented grapes. Yeast consumes the sugar in the grapes and converts it to ethanol and carbon dioxide, releasing heat in the process. Different varieties of grapes and strains of yeasts are ...
,
XEmacs XEmacs is a graphical- and console-based text editor which runs on almost any Unix-like operating system as well as Microsoft Windows. XEmacs is a fork, based on a version of GNU Emacs from the late 1980s. Any user can download, use, and modify ...
,
Mplayer MPlayer is a free and open-source media player software application. It is available for Linux, OS X and Microsoft Windows. Versions for OS/2, Syllable, AmigaOS, MorphOS and AROS Research Operating System are also available. A port for ...
) are not fully compatible. Other features that came out of the Exec Shield project were the Position Independent Executables (PIE), the address space randomization patch for Linux kernels, a wide set of glibc internal security checks that make heap and format string exploits near impossible, the GCC Fortify Source feature, and the port and merge of the GCC stack-protector feature.


Implementation

Exec Shield works on all x86 CPUs utilizing the Code Segment limit. Because of the way Exec Shield works, it is very lightweight; however, it won't fully protect arbitrary
virtual memory In computing, virtual memory, or virtual storage is a memory management technique that provides an "idealized abstraction of the storage resources that are actually available on a given machine" which "creates the illusion to users of a very ...
layouts. If the CS limit is raised, for example by calling mprotect() to make higher memory executable, then the protections are lost below that limit. Ingo Molnar points this out in an e-mail conversation. Most applications are fairly sane at this; the stack (the important part) at least winds up above any mapped libraries, so does not become executable except by explicit calls by the application. As of August, 2004, nothing from the Exec Shield projects attempt to enforce memory protections by restricting mprotect() on any architecture; although memory may not initially be executable, it may become executable later, so the kernel will allow an application to mark memory pages as both writable and executable at the same time. However, in cooperation with the
Security-Enhanced Linux Security-Enhanced Linux (SELinux) is a Linux kernel security module that provides a mechanism for supporting access control security policies, including mandatory access controls (MAC). SELinux is a set of kernel modifications and user-space ...
project (SELinux), the standard policy for the
Fedora Core Fedora Linux is a Linux distribution developed by the Fedora Project. Fedora contains software distributed under various free and open-source licenses and aims to be on the leading edge of open-source technologies. Fedora is the upstream source ...
distribution does prohibit this behavior for most executables, with only a few exceptions for compatibility reasons.


History

Exec Shield was developed by various people at Red Hat; the first patch was released by Ingo Molnar of Red Hat and first released in May 2003. It is part of Fedora Core 1 through 6 and Red Hat Enterprise Linux since version 3. Other people involved include Jakub JelĂ­nek,
Ulrich Drepper Ulrich (), is a German given name, derived from Old High German ''Uodalrich'', ''Odalric''. It is composed of the elements '' uodal-'' meaning "(noble) heritage" and ''-rich'' meaning "rich, powerful". Attested from the 8th century as the name of Al ...
, Richard Henderson and Arjan van de Ven.


See also

*
NX bit The NX bit (no-execute) is a technology used in CPUs to segregate areas of memory for use by either storage of processor instructions or for storage of data, a feature normally only found in Harvard architecture processors. However, the NX bit is ...
*
Openwall The Openwall Project is a source for various software, including Openwall GNU/*/Linux (Owl), a security-enhanced Linux distribution designed for servers. Openwall patches and security extensions have been included into many major Linux distribut ...
* StackGuard *
W^X W^X ("write xor execute", pronounced ''W xor X'') is a security feature in operating systems and virtual machines. It is a memory protection policy whereby every page in a process's or kernel's address space may be either writable or executable, ...


References


External links


Ingo Molnar's Exec Shield patch web page
includes documentation in the fil
ANNOUNCE-exec-shieldNewsforge Feature ArticleRed Hat Magazine Feature/Project ArticleNegative security issues with ExecShield
{{Linux kernel Linux Linux security software Operating system security