Back to Security Pattern Catalog
Controlled Virtual Address Space
: Core Security, Elevation of Privilege
Processes should be controlled while accessing memory, otherwise they could overwrite each others areas or gain access to private information. Again, illegal access to system areas could allow a process to get a higher execution privilege level and thus access files and other resources.
How can this be avoided?
Divide the virtual address space into segments according to logical units in the programs. Use descriptors to indicate access rights, for example the start address, length of segment and the type of access permitted.
Choices operating system. AIX operating system.
Address Space, System Area, Access Control
Last modified: May 05, 2012
and Maintained by: Munawar Hafiz