Skip to content

Security: nanovms/ops

Security

SECURITY.md

Security

For the curious - this is all on by default:

ASLR:

  • Stack Randomization

  • Heap Randomization

  • Library Randomization

  • Binary Randomization

Page Protections:

  • Stack Execution off by Default

  • Heap Execution off by Default

  • Null Page is Not Mapped

  • Stack Cookies/Canaries

  • Rodata no execute

  • Text no write

Other Considerations

  • Single Process

  • No Users

  • No Shell

There aren’t any published security advisories