It's interesting to see the trajectory of the two projects, #FreeBSD and #HardenedBSD. HardenedBSD is following the path grsecurity paved, and FreeBSD is following the patch the University of Cambridge is paving.

There's still plenty of room for collaboration.

@david As in, FreeBSD has rejected the PaX/grsecurity model for exploit mitigations like ASLR and NOEXEC. FreeBSD is likely going to go whatever route the University of Cambridge (Robert Watson et al) paves for FreeBSD.

As an example, the Cambridge folks want to completely scrap mmap in order to implement W^X. They likely will in FreeBSD.

HardenedBSD, instead, implemented PaX NOEXEC.

Sign in to participate in the conversation
Cross Family's Mastodon

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!