OpenBSD security features

From ArticleWorld


OpenBSD is a Unix-like operating system developed with security as a primary design goal. It offers a wide range of security features, from changes to the base C API to cryptographic facilities built into the kernel itself. The OpenBSD team has rewritten significant parts of widely used software so that it runs inside chroot jails with reduced privileges. The system as a whole is built on security principles such as privilege separation and privilege revocation.

The basic API

The basic C API of OpenBSD has been changed to reflect its security model. The canonical example is strcpy and strcat, which careful programmers already avoid because they copy until they find a terminating NUL and therefore easily overrun the destination buffer. The OpenBSD team introduced two replacements, strlcpy and strlcat, which take the full size of the destination buffer, always NUL-terminate the result when that size is non-zero, and return the length of the string they tried to create, so that truncation can be detected instead of silently corrupting memory. These functions were adopted by the other BSD operating systems, although the maintainer of the GNU C Library long argued that they should not be in the library because an alternative, memcpy, already exists (glibc eventually added them in version 2.38). The OpenBSD linker also warns when a program uses the unsafe originals.
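The semantics described above, as an added example that is not OpenBSD's libc source: a re-implementation of strlcpy and strlcat (named bsd_strlcpy and bsd_strlcat here to avoid clashing with a libc that already ships them), the truncation-check idiom their return value makes possible, and, for contrast, the way strncpy leaves a buffer unterminated when the source is too long.

```c
#include <stdio.h>
#include <string.h>

/* Re-implementation of the documented strlcpy semantics (added example, not
 * OpenBSD code): copy at most dsize-1 bytes, always NUL-terminate when
 * dsize > 0, and return strlen(src), i.e. the length the caller tried to
 * create. A return value >= dsize therefore means the copy was truncated. */
size_t bsd_strlcpy(char *dst, const char *src, size_t dsize)
{
    size_t srclen = strlen(src);
    if (dsize != 0) {
        size_t n = srclen < dsize - 1 ? srclen : dsize - 1;
        memcpy(dst, src, n);
        dst[n] = '\0';
    }
    return srclen;
}

/* Same contract for concatenation: returns the length of the string it tried
 * to create (initial length of dst plus strlen(src)). */
size_t bsd_strlcat(char *dst, const char *src, size_t dsize)
{
    size_t dlen = 0;
    while (dlen < dsize && dst[dlen] != '\0')
        dlen++;
    if (dlen == dsize)              /* dst was not terminated within dsize */
        return dsize + strlen(src);
    return dlen + bsd_strlcpy(dst + dlen, src, dsize - dlen);
}

/* The idiom the return value enables: treat truncation as an error.
 * Returns 0 on success, -1 if src did not fit (dst still holds a terminated
 * prefix, so later code cannot run off the end of it). */
int copy_checked(char *dst, size_t dsize, const char *src)
{
    if (bsd_strlcpy(dst, src, dsize) >= dsize)
        return -1;
    return 0;
}

/* Contrast with strncpy: the copy is bounded, but when src is too long no NUL
 * is written, so a later strlen() or printf("%s") reads past the buffer.
 * Returns 1 if no terminator exists inside the 8-byte buffer. */
int strncpy_leaves_unterminated(const char *src)
{
    char buf[8];
    strncpy(buf, src, sizeof buf);
    return memchr(buf, '\0', sizeof buf) == NULL;
}

int main(void)
{
    char buf[8];
    size_t n;

    n = bsd_strlcpy(buf, "hello", sizeof buf);
    printf("strlcpy(\"hello\") -> %zu, buf=\"%s\"\n", n, buf);

    n = bsd_strlcpy(buf, "hello, world", sizeof buf);
    printf("strlcpy(\"hello, world\") -> %zu (>= %zu: truncated), buf=\"%s\"\n",
           n, sizeof buf, buf);

    bsd_strlcpy(buf, "abc", sizeof buf);
    n = bsd_strlcat(buf, "defghijk", sizeof buf);
    printf("strlcat -> %zu, buf=\"%s\"\n", n, buf);

    printf("copy_checked(long) -> %d\n", copy_checked(buf, sizeof buf, "hello, world"));
    printf("strncpy unterminated: %d\n", strncpy_leaves_unterminated("hello, world"));
    return 0;
}
```

The comparison `>= sizeof dst` is the whole point of the return value: the caller learns that data was lost and can fail the operation, whereas with strncpy it has to inspect the buffer for a terminator it may not find.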

Memory protection mechanism

OpenBSD introduced several protections in the way memory is handled and managed, combining compiler and kernel techniques.

The main one is a GCC extension called ProPolice, which protects programs against stack-smashing attacks. It reorders local variables so that character arrays are placed at higher addresses than pointers and other scalars; an overflow of a buffer then runs away from those variables instead of over them, so they are not corrupted. It also places a canary value between the local buffers and the saved frame pointer and return address, and checks that the canary is intact before the function returns, so an overflow that reaches the saved return address is detected and the program is aborted before the corrupted address is used. ProPolice has been enabled by default in the OpenBSD system compiler since release 3.3. Since May 2004, a further protection, StackGhost, is implemented as well, although it is available only on SPARC processors, where it uses the architecture's register windows to protect saved return addresses.
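How the ProPolice layout turns a silent pointer overwrite into a detected canary mismatch, as an added example that is not GCC or OpenBSD code: the two frame layouts are modelled as structs whose member order mirrors the stack layout, the overflow is simulated by an unchecked copy that starts at the buffer and runs upward, and the canary is a constructed constant (a real build stores a random per-process value in the prologue and aborts through the runtime's smash handler when the epilogue finds it changed).

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed models of a function's local variables (added example, not
 * compiler output). Member order mirrors the order on a downward-growing
 * stack, so an overflow of buf writes into whatever member follows it. */

/* Traditional layout: a pointer happens to sit right above the buffer. */
struct naive_frame {
    char  buf[16];
    char *ptr;
};

/* ProPolice layout: pointers below arrays, canary between the arrays and the
 * saved frame pointer / return address (saved_return stands in for those). */
struct propolice_frame {
    char    *ptr;
    char     buf[16];
    uint32_t canary;
    uint32_t saved_return;
};

static const uint32_t CANARY = 0x5a3c9f01u;     /* assumed constant; real builds use a random value */
static const uint32_t SAVED_RETURN = 0xdeadbeefu; /* constructed stand-in for the return address */

/* Simulates an unchecked strcpy/gets into buf: n bytes of 'A' are written
 * starting at buf. memcpy onto the enclosing struct keeps this well defined. */
static void overflow_buf(void *frame, size_t buf_off, size_t n)
{
    unsigned char payload[64];
    memset(payload, 'A', sizeof payload);
    if (n > sizeof payload)
        n = sizeof payload;
    memcpy((unsigned char *)frame + buf_off, payload, n);
}

/* Returns 1 if the overflow silently replaced ptr with attacker bytes;
 * nothing in this layout can notice that it happened. */
int naive_overflow_corrupts_pointer(void)
{
    static const char secret[] = "secret";
    char *orig = (char *)secret;
    struct naive_frame f;
    f.ptr = orig;
    overflow_buf(&f, offsetof(struct naive_frame, buf), sizeof f.buf + sizeof f.ptr);
    return memcmp(&f.ptr, &orig, sizeof orig) != 0;
}

/* Returns 1 if ptr survived the same overflow and the epilogue's canary
 * comparison would fire before the clobbered return address is used. */
int propolice_overflow_is_detected(void)
{
    static const char secret[] = "secret";
    char *orig = (char *)secret;
    struct propolice_frame f;
    f.ptr = orig;
    f.canary = CANARY;              /* prologue: store the canary */
    f.saved_return = SAVED_RETURN;
    overflow_buf(&f, offsetof(struct propolice_frame, buf),
                 sizeof f.buf + sizeof f.canary + sizeof f.saved_return);
    int ptr_intact     = memcmp(&f.ptr, &orig, sizeof orig) == 0;
    int canary_trashed = f.canary != CANARY;          /* epilogue: mismatch -> abort */
    int ret_trashed    = f.saved_return != SAVED_RETURN;
    return ptr_intact && canary_trashed && ret_trashed;
}

int main(void)
{
    printf("naive layout: pointer corrupted silently = %d\n",
           naive_overflow_corrupts_pointer());
    printf("ProPolice layout: pointer intact and overflow detected = %d\n",
           propolice_overflow_is_detected());
    return 0;
}
```

The same effect can be observed on a real frame by compiling a function with an actual overflow using `-fstack-protector` (the descendant of ProPolice in modern GCC): instead of returning into attacker-controlled bytes, the process exits with a stack-smashing error from the runtime check.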

A further protection scheme, W^X (write xor execute), is available as well. It ensures that every page of memory is either writable or executable, but never both at the same time, which removes the classic technique of writing shellcode into a buffer and jumping to it. The OpenBSD team implemented this even in the generic x86 (i386) build, where the original processors lack a per-page no-execute bit, by using code segment limits to separate the executable part of the address space from the rest.
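The write-then-execute discipline that W^X enforces, as an added example that is not OpenBSD code: a page is filled while writable, then flipped to executable and made read-only in the same step, and the program then tries to patch it again and catches the resulting fault. It uses only POSIX mmap, mprotect and sigaction, so it runs on Linux and the BSDs. The second function asks the kernel for a page that is writable and executable at once; a W^X kernel refuses that for ordinary binaries (current OpenBSD returns an error unless the binary is explicitly marked as needing it), while Linux grants it, so its result is platform-dependent and is only printed.

```c
#define _DEFAULT_SOURCE
#define _POSIX_C_SOURCE 200809L
#include <setjmp.h>
#include <signal.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

static sigjmp_buf fault_env;

static void on_fault(int signo)
{
    (void)signo;
    siglongjmp(fault_env, 1);           /* unwind out of the faulting store */
}

/* The W^X-respecting pattern for run-time code generation. Returns 1 if a
 * write to the now-executable page faulted (W^X held), 0 if the write went
 * through, -1 if the mapping could not be set up. */
int write_after_wx_toggle(void)
{
    size_t pagesz = (size_t)sysconf(_SC_PAGESIZE);
    unsigned char *page = mmap(NULL, pagesz, PROT_READ | PROT_WRITE,
                               MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (page == MAP_FAILED)
        return -1;

    /* Stage 1: writable, not executable. Constructed filler bytes stand in
     * for generated code; nothing here is ever executed. */
    memset(page, 0xC3, 16);

    /* Stage 2: executable, not writable. Write permission is dropped at the
     * same moment execute permission is granted. */
    if (mprotect(page, pagesz, PROT_READ | PROT_EXEC) != 0) {
        munmap(page, pagesz);
        return -1;
    }

    struct sigaction sa, old_segv, old_bus;
    memset(&sa, 0, sizeof sa);
    sa.sa_handler = on_fault;
    sigemptyset(&sa.sa_mask);
    sigaction(SIGSEGV, &sa, &old_segv);
    sigaction(SIGBUS, &sa, &old_bus);   /* some platforms report the fault as SIGBUS */

    int faulted;
    if (sigsetjmp(fault_env, 1) == 0) {
        *(volatile unsigned char *)page = 0x90;   /* attempt to patch the "code" */
        faulted = 0;
    } else {
        faulted = 1;
    }

    sigaction(SIGSEGV, &old_segv, NULL);
    sigaction(SIGBUS, &old_bus, NULL);
    munmap(page, pagesz);
    return faulted;
}

/* Asks for a page that is writable AND executable. Returns 1 if the kernel
 * granted it, 0 if it refused. Platform-dependent: refused under W^X. */
int rwx_mapping_allowed(void)
{
    size_t pagesz = (size_t)sysconf(_SC_PAGESIZE);
    void *p = mmap(NULL, pagesz, PROT_READ | PROT_WRITE | PROT_EXEC,
                   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (p == MAP_FAILED)
        return 0;
    munmap(p, pagesz);
    return 1;
}

int main(void)
{
    printf("write to RX page faulted: %d\n", write_after_wx_toggle());
    printf("RWX mapping granted by this kernel: %d\n", rwx_mapping_allowed());
    return 0;
}
```

A program written this way works unchanged under W^X; one that maps a single RWX region and keeps patching it while running is exactly what the policy refuses.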

Cryptography

OpenBSD aims to integrate as much cryptography as possible into the operating system itself. A number of facilities are available, from kernel support for cryptographically strong pseudo-random numbers, exposed to programs through arc4random, to built-in cryptographic hash functions and transforms used by the IPsec stack. A notable feature is the Blowfish-based password hashing algorithm, bcrypt, whose configurable cost parameter makes each password check deliberately expensive in CPU time, so that brute-force and dictionary attacks against stolen hashes are slow. The network stack is designed with several randomization features, making values such as TCP initial sequence numbers (ISNs) and IP identification fields harder for an attacker to predict, which frustrates connection spoofing and hijacking.