21C3 Schedule Release 1.1.7
21st Chaos Communication Congress
Lectures and workshops
|Start Time||15:00 h|
Did you attend this event?
An introduction to the hardened toolchain used at the Hardened Gentoo project, which, combined with the PaX kernel, strong DAC/MAC control mechanisms and a thorough low-entry oriented user documentation provides "full scale" protection for a wide range from home users to enterprise businesses.
- Position Independent Executables/Position Independent Code
- affected hardware (x86, AMD64, Sparc, HPPA)
binutils and glibc modifications:
- PT_PAX support for the ELF header (plus introduction to ELF header specification)
- introduction of the _guardsetup and __guard functions to glibc
- improvements of entropy generation for _guardsetup using other mechanisms
- future outlook: separated libssp.so and smooth migration out of glibc
- PaX and grsecurity, LIDS, selinux and RSBAC