Executable space protection

From Wikipedia, the free encyclopedia

You have new messages (last change).

In computer security, executable space protection is the marking of memory regions as non-executable, such that an attempt to execute machine code in these regions will cause an exception. It often makes use of hardware features such as the NX bit. Implementations for Linux include PaX, Exec Shield, and Openwall. OpenBSD's features W^X.

Pay attention regarding Microsoft Windows'Data Execution Prevention. The hardware-enforced version, utilizing the mentioned bit does protect from execution of code in data buffers. Even though the name "software-enforced Data Execution Prevention" sounds similar it does not prevent from that attack type (Buffer Overflow). Instead it protects from another specific attack type (SEH handler overwrite) that occurred one time only and has never repeated.

[edit] See also

[edit] References

 This computer-related article is a stub. You can help Wikipedia by expanding it.
Retrieved from "http://en.wikipedia.org../../../e/x/e/Executable_space_protection.html"
In other languages