Thoughts on Name Space Layout Randomization (NSLR)?
LaMothe, Ryan R
Ryan.LaMothe at pnnl.gov
Mon Dec 4 23:56:07 UTC 2017
I just ran across an article about JVM Name Space Layout Randomization (NSLR) and wanted to pass on the information.
To quote the article: “Name Space Layout Randomization (NSLR) is based on the same principle as ASLR, but applied for the first time as an application security feature for the Java runtime. NSLR hardens the Java virtual machine (JVM) by randomizing the JRE namespace (Java packages). Using NSLR inside the JVM, the ownership of bytecode loading is standardized and unvalidated bytecode fails to be executed. In effect, this makes bytecode tampering and a range of code injection exploits so difficult to execute that they become unfeasible, protecting against known and unknown vulnerabilities, including zero-day exploits.”
https://www.waratek.com/owasp-appsec-usa-2017/
https://www.waratek.com/nslr/
Sounds intriguing. Thoughts?
-Ryan