llsoftsecbook
llsoftsecbook copied to clipboard
llsoftsec
Low-Level Software Security for Compiler Developers
Suggestion to add a section on binary images and how these are constructed and can be exploited, for example: * code versus data * read-only, relro, execute-only * ASLR *...
We should consider using the Wayback Machine (https://web.archive.org/) so that the links we add remain accessible in the future.
Kees Cook has presented in at least 2020 and 2021 at Linux plumbers on compiler security hardening features used or starting to get used in the linux kernel. It seems...
Chapter 2 is presently named "Memory vulnerability based attacks and mitigations" and I'd like to suggest shortening it to "Memory vulnerability based attacks". The shorter form is consistent with other...
Consider section on ABI vulnerabilities. The premise is that some computing systems provide a security enclave, for example, Arm TrustZone and Intel SGX. When such an enclave exists there is...
Some parts of the book emphasize common terms. Those are terms that typically would go into the index. We probably ought to have a consistent way to typeset those across...
When writing, it's easy to forget that the text in an \index{} entry is not also put in the main text. For example, `The content of the \index{cache} is...` will...
Consider whether there would be value in adding a section around why software security is different for compilers than other software categories. Tentative section header: "Importance of software security for...
Check if all attacks and mitigations discussed in https://dl.acm.org/doi/abs/10.1145/3471936 relevant to compilers are covered in the book. The title of this 2021 article in ACM Transactions on Design Automation of...
The llsoftsecbook could use a logo to use in a number of different places, such as: * having a logo for the github repo (or at least the llsoftsec organization...