Slashdot Mirror


Heap Protection Mechanism

An anonymous reader writes "There's an article by Jason Miller on innovation in Unix that talks about OpenBSD's new heap protection mechanism as a major boon for security. Sounds like OpenBSD is going to be the first to support this new security method."

15 of 365 comments

  1. cool by chrisxkelley · · Score: 1, Funny

    now unix will be more secure than all... well, again.

    1. Re:cool by Orgazmus · · Score: 2, Funny

      It's just Windows 2000 with a 1 added for each bugfix

      --
      The system had the verbosity of HTML combined with all the readability of compiled assembly viewed as bitmap images
  2. My solution is slower, but 100% effective by Anonymous Coward · · Score: 5, Funny
    When my application needs a chunk of memory, it sends a specially crafted HTTPS request to my bank, debits the account, sends a fax to the local computer shop who then sends a tech over to install the DIMMs.

    When the application is finished with the memory, it sends a FAX to the local electronics recycling facility who sends out a tech to remove the DIMMs and melt them down into whatever.

    Using this method of heap memory allocation (I call it "ACAlloc" for "Anonymous Coward Alloc") has been 100% effective and I have NEVER had a heap overflow exploit in any of my code.

    Yes, it's slow, but I am secure.

    ...And I'm running the most up-to-date 80386 Linux 0.97 kernel. TDz.

  3. What's next? by Groo+Wanderer · · Score: 3, Funny

    Ok, we start out with 'protection', then we move to 'a heap' of protection, most assuredly to be followed by 'a whole heap' of protection. I can only see this spiral continuing until Bill Gates himself gets up on stage at CES in an Elvis suit promising 'a hunka- hunka- burnin protection'. *SHUDDER* Time to take a cold shower.

                  -Charlie

    1. Re:What's next? by Rufus88 · · Score: 2, Funny

      Bill Gates himself gets up on stage at CES in an Elvis suit promising 'a hunka- hunka- burnin protection'. *SHUDDER* Time to take a cold shower.

      You *need* a cold shower? Hell, to me, that image *was* the equivalent of a cold shower!

  4. Apologies to the Black-Eyed Peas by Anonymous Coward · · Score: 2, Funny

    OpenBSD's "My Heap":

    Lookin' at my heap, heap
    You can look but you can't touch it.
    If you touch it, I'ma start some drama.
    You don't want no drama.
    [...]
    My heap, my heap, my heap, my heap.

  5. Microsoft Windows? by fernique · · Score: 2, Funny

    Could this technology be implemented in the Microsoft Windows systems to be more secure than Linux?

    --
    igor
  6. Re:OpenBSD at the cutting edge on security by fireboy1919 · · Score: 2, Funny

    than more mainstream Linux distributions

    I know it seems strange...but OpenBSD isn't a Linux distribution at all.

    I know it's hard to wrap your head around. It's one of those things you just have to accept. In addition:
    -deep down, cows are not people too. So you can eat 'em, I guess.
    -neither are cats or dogs. So don't force them to wear clothing.
    -neither is information. So it doesn't care about being free or anything else.
    -"Windows" is somehow both an operating system and a Window manager. You're not supposed to consider them separate things (weird, isn't it?)
    -Wearing a tampon with wings will not give you the power of flight.

    Hopefully I've cleared up a few issues for you. :)

    --
    Mod me down and I will become more powerful than you can possibly imagine!
  7. Re:Hm... old technique? by Chocolate+Teapot · · Score: 3, Funny
    Guard pages aren't exactly shiny new

    Shhh!! I was waiting until everyone started using them before hitting them with my patent ;)

    --
    Modest doubt is called the beacon of the wise. - William Shakespeare
  8. Heap protection? by justforaday · · Score: 2, Funny

    I call my heap protection mechanism "bumpers" : p

    --
    I'll turn into a supernova and burn up everything. Well I'll turn into a black little hole and you'll turn into string.
  9. Linux Had A Spec For This Ages Ago by Anonymous Coward · · Score: 2, Funny

    But Linus doesn't like specs so it got dropped !

  10. VBLinux by Frankie70 · · Score: 4, Funny


      For real security, don't use C.


    I am rewriting Linux in Visual Basic 6.0.
    I am going to call the distro VBLinux.

  11. Re:Slowdown? by Anonymous Coward · · Score: 2, Funny

    You Java apologists are worse than creationists.

  12. Re:Unnecessary when using languages that solve thi by Clover_Kicker · · Score: 3, Funny

    You're totally right, dude.

    Let me know when you release your Haskell version of Sendmail, and I'll switch over immediately.

  13. Re:Whatever happened to segmentation? by Sloppy · · Score: 5, Funny
    Holy crap, if my 1987 self could hear what I'm saying in 2005... "You senile old bastard! I'll fucking kill you for this!" would probably be his first reaction.

    2005 self would counter with, "Yeah, the pointers will be bigger than they used to be, but you program in high-level languages now, so you don't ever worry about that. It's the compiler's problem."

    1987 Sloppy would say, "But I'm going to write a compiler!"

    2005 Sloppy would say, "You fuckwit, you never got anywhere on that project. You barely even started it. Too much time fucking around with graphics and genetics."

    1987 Sloppy would say, "But, but, it's not fair! Segmentation is an x86 thing. Everyone knows that in the future, we'll all be using 68k. 68k doesn't do segmentation."

    2005 Sloppy would sigh.

    1987 Sloppy would say, "Oh come on. There's no way people are still using x86 in the 21st century, or even in the 1990s. No fucking way."

    2005 Sloppy would just shrug. There's nothing to do in a situation like this. There's nothing you can say. They'll never believe you.

    --
    As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.