Hi devs, I am astonished by your great works! It is such a large scale fasm system, how do you ensure vulnerability won't slip in your code? Thanks in advance

Also what's your opinion on security mitigation available in C compiler like stack smashing protection, W^X memory protection, and so on

I’m not a MenuetOS developer but since my thesis is related to security vulnerabilities I’ll express my view towards tricks like having some elements in the stack used to watch for buffer overruns at runtime.

Since vulnerability is a property of a program it is not practical to look for such bugs at runtime. You can’t really do much except shutting down if any of these tricks notices a vulnerability.

Thank you for the answer! How about a program that could exploit vulnerability in the kernel?

What about it? Vulnerability in the kernel is a property of the kernel and can only be effectively detected and fixed before the kernel runs.

Thanks! Now I have adequate answer

In kernel, by making sure that a function behaves in a known manner with all the input parameters, whether the result is the wanted functionality or an errormessage. This includes accesss timeouts, parameter limit checks, avoiding memory access conflicts with semaphores (mutex) etc. The same practices which apply to other programming languages.

Thank you for your answer! If I'm not mistaken you are the main developer of MenuetOS, right? How developing things in asm compared to C? Because I heard C isn't low level anymore due to requiring a huge compiler to perform a lot of optimization for its performance to be close to handwritten asm as possible (link: https://queue.acm.org/detail.cfm?id=3212479)

After a while, you start to think in the terms of the programming language you are using. And as long as the programming environment supports the language with easy API, then programming (in asm) is quite simple. So today, asm for me is simply one programming language among others.