this is for holding javascript data
Ye edited Motivation_System_and_high_performance__.md
about 8 years ago
Commit id: 464145df6c05f371f94c526cf863c8b921534b57
deletions | additions
diff --git a/Motivation_System_and_high_performance__.md b/Motivation_System_and_high_performance__.md
index 17bf43e..b58c14f 100644
--- a/Motivation_System_and_high_performance__.md
+++ b/Motivation_System_and_high_performance__.md
...
Based on the observation that JOP uses many libraries that makes system calls, De Raadt proposed a new mitigation technique against control-flow attacks _Pledge_\cite{pledge} for the OpenBSD operating system. To reduce the attack surface, programmers can annotate their program with pledge\cite{pledge(2)} requests to limit the number of systems calls a program can make. When running a pledged program, the kernel can enforce the pledge annotations and report an error if the program attempts to make system call that is not allowed. Figure 1 shows the example of how the _cat_ program is annotated in OpenBSD.
\begin{lstlisting}[language=C, caption=C example] \begin{lstlisting}
int main() {
int ch;