More Address Space Tweaks Stackgap Random 8-byte alignment for top of stack Wastes at most 1 page of real memory Wastes random(N) pages of process address space Admin can adjust range ... Shared library order Map shared libraries in different order every time Matters more when a program uses many libraries: ie. sshd(8) Randomized addresses for shared libraries For pre-configured libraries, we know how large they are Attempt to map them randomly within the address space Very cheap; painful for attacker Not foolproof, but a hurdle No programs are affected