a676e37a84
* Docs are now ordered by STIG ID number to make them easier to browse. * Deployer notes are better organized. * Script + CSV added for automated documentation generation. Implements: blueprint security-hardening Change-Id: Ib87bec701eddf1601574f4e027f301c775e5e1cd
19 lines
771 B
ReStructuredText
19 lines
771 B
ReStructuredText
V-38596: The system must implement virtual address space randomization.
|
|
-----------------------------------------------------------------------
|
|
|
|
Address space layout randomization (ASLR) makes it more difficult for an
|
|
attacker to predict the location of attack code he or she has introduced into
|
|
a process's address space during an attempt at exploitation. Additionally,
|
|
ASLR also makes it more difficult for an attacker to know the location of
|
|
existing code in order to repurpose it using return oriented programming (ROP)
|
|
techniques.
|
|
|
|
Details: `V-38596 in STIG Viewer`_.
|
|
|
|
.. _V-38596 in STIG Viewer: https://www.stigviewer.com/stig/red_hat_enterprise_linux_6/2015-05-26/finding/V-38596
|
|
|
|
Notes for deployers
|
|
~~~~~~~~~~~~~~~~~~~
|
|
|
|
.. include:: developer-notes/V-38596.rst
|