CHAPTER 9 Operating System Security > Software firewalls and host intrusion det... - Pg. 139

space protection prevents certain portions of the memory used by the operating system and applications from being used to execute code. This means classic attacks such as buffer overflows that depend on being able to execute their commands in hijacked portions of memory may be prevented from functioning at all. Many operating systems also use address space layout randomization (ASLR) [4] in order to shift the contents of the memory in use around so that tampering with it is even more difficult.

MORE ADVANCED

A buffer overflow attack works by inputting more data than an application is expecting from a particular input, for example, by entering 1,000 characters into a field that was only expecting 10. Depending on how the application was written, we may find that the extra 990 characters are written somewhere into memory, perhaps over memory locations used by other applications or the operating system. It is sometimes possible to execute commands by specifically crafting the excess data.

Executable space protection requires two components to function: a hardware
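
The unchecked copy that the sidebar describes, next to a length-checked version, as an added C example that is not from the book. The record layout, function names and sentinel value are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>
#define FIELD_LEN 10            /* the field that "was only expecting 10" */

/* Constructed layout: neighbour stands in for memory used by something else. */
struct record {
    char field[FIELD_LEN + 1];  /* 10 characters plus the NUL terminator */
    char neighbour[8];
};

/* Unsafe pattern, for comparison only and never called here: strcpy() stops
 * at the source's NUL and ignores the destination size, so excess spills. */
void store_unchecked(struct record *r, const char *input)
{
    strcpy(r->field, input);
}

/* Hardened form: measure first, refuse oversized input, copy only what fits.
 * Returns the number of excess characters refused (0 means stored). */
size_t store_checked(struct record *r, const char *input)
{
    size_t n = strlen(input);
    if (n > FIELD_LEN)
        return n - FIELD_LEN;
    memcpy(r->field, input, n + 1);   /* n + 1 includes the terminator */
    return 0;
}

/* Feed `len` characters to the checked routine; report the excess and
 * whether the neighbouring bytes survived untouched. */
size_t try_input(size_t len, int *neighbour_intact)
{
    static char input[1001];
    struct record r = { "", "SENTINL" };
    if (len > 1000) len = 1000;       /* stay inside the sample buffer */
    memset(input, 'A', len);
    input[len] = '\0';
    size_t excess = store_checked(&r, input);
    *neighbour_intact = (strcmp(r.neighbour, "SENTINL") == 0);
    return excess;
}

int main(void)
{
    int ok;
    size_t excess = try_input(1000, &ok);
    printf("1000 chars in: %zu refused, neighbour intact=%d\n", excess, ok);
    return 0;
}
```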