Memory randomization (ASLR) coming to Mac OS X Leopard
The security technology, known as ASLR (address space layout randomization), randomly arranges the positions of key data areas to prevent malware authors from predicting target addresses. It is used in tandem with additional security features to reduce the effectiveness of exploit attempts.
[SEE: Vista’s ASLR not so random, but does it matter? ]
According to Apple, the library randomization feature will allow Leopard to defend against attackers with no effort at all.
One of the most common security breaches occurs when a hacker’s code calls a known memory address to have a system function execute malicious code. Leopard frustrates this plan by relocating system libraries to one of several thousand possible randomly assigned addresses.
Several open-source security systems -- OpenBSD, PaX and Exec Shield -- already implement ASLR in some form. Microsoft has also fitted ASLR into default configurations of Windows Vista.
Apple also plans to add Sandboxing (systrace) in Leopard to limits an application's access to the system by enforcing access policies for system calls. The feature is aimed at restricing an app's file access, network access, and ability to launch other applications.
Many Leopard applications -- such as Bonjour, Quick Look, and the Spotlight indexer -- will be sandboxed so hackers can't exploit them, Apple said.
Strangely, the default Safari Web browser isn't listed as a sandboxed application.
Some other security goodies promised in Leopard include:
Tagging Downloaded Applications -- Protection from potential threats. Any application downloaded to the operating system is tagged. Before it runs for the first time, the system asks for the user's consent -- notifying the user when it was downloaded, what application was used to download it, and, if applicable, what URL it came from.
Signed Applications -- A digital signature on an application will aim at verifying the identity and integrity of that program. All applications shipped with Leopard will be signed by Apple. Third-party software developers can also sign their applications.
Application-Based Firewall -- Leopard will feature the ability to specify the behavior of specific applications to either allow or block incoming connections.
Stronger Encryption for Disk Images -- Disk Utility will now allow users to create encrypted disk images using 256-bit AES encryption.