The forthcoming Red Hat Enterprise Linux (RHEL) 3 suite will include a new feature to thwart worms and hackers. The news arrives as the security of open-source systems comes under increased scrutiny. Less than two weeks ago, several serious security vulnerabilities were revealed in OpenSSH and Sendmail, two popular open-source software packages.
The RHEL 3 server operating system, due to ship within weeks, includes a feature called Position Independent Executables (PIE). This is a modification to the Linux kernel developed by Red Hat to reduce the threat from worms and other buffer-overflow based attacks.
Red Hat has adapted a number of open-source programs for use with PIE, which causes the kernel to put them into different memory locations each time they are loaded. Experts say that hackers need to know the relative locations of programs and libraries in order to exploit buffer overflows. And worms must be tuned for each set of memory locations.
The link for this article located at vnunet is no longer available.
