$AUUGid: www/data/events/2004/auug2004/theo/mgp00003.txt,v 1.1 2004/09/04 08:42:50 davidp Exp $

Our Goals


Goal: Modify Unix to make it more resilient against attack

POSIX delineates three things:
Things we cannot (should not) change in Unix
Things we can change in Unix
Things which are... left as undefined/unspecified

But there are also other standards, and "de facto" behaviours ...

We must be careful

Our goals:
1. Do not break the behaviours that programs DEPEND on
2. Change anything else which makes an exploit author cry
3. Insignificant or low performance hit

What follows is a list of such mechanisms...