摘要 |
Prevention of executable code modification is provided by making the act of allocating and modifying existing memory backed code pages a highly privileged operating system (OS) function. The integrity of loaded code is also optionally checked at load time inside the OS kernel. A privilege check in the system is invoked when executable pages are allocated or modified. This privilege is assigned only to the operating system kernel and highly trusted identities in the operating system.
|