1page.title=Security Enhancements in Android 1.5 through 4.1 2@jd:body 3 4<p> 5Android provides a multi-layered security model described in the <a href="{@docRoot}security/index.html">Android 6Security Overview</a>. Each update to Android includes dozens of 7security enhancements to protect users. The following are some of the security 8enhancements introduced in Android versions 1.5 through 4.1:</p> 9 10<dl> 11<dt><strong>Android 1.5</strong></dt> 12<dd><ul> 13<li>ProPolice to prevent stack buffer overruns (-fstack-protector)</li> 14<li>safe_iop to reduce integer overflows</li> 15<li>Extensions to OpenBSD dlmalloc to prevent double free() vulnerabilities and 16to prevent chunk consolidation attacks. Chunk consolidation attacks are a 17common way to exploit heap corruption.</li> 18<li>OpenBSD calloc to prevent integer overflows during memory allocation</li> 19</ul> 20</dd> 21 22<dt><strong>Android 2.3</strong></dt> 23<dd><ul> 24<li>Format string vulnerability protections (-Wformat-security -Werror=format-security)</li> 25<li>Hardware-based No eXecute (NX) to prevent code execution on the stack and heap</li> 26<li>Linux mmap_min_addr to mitigate null pointer dereference privilege 27escalation (further enhanced in Android 4.1)</li> 28</ul> 29</dd> 30 31<dt><strong>Android 4.0</strong></dt> 32<dd>Address Space Layout Randomization (ASLR) to randomize key locations in memory 33</dd> 34 35<dt><strong>Android 4.1</strong></dt> 36<dd><ul> 37<li>PIE (Position Independent Executable) support</li> 38<li>Read-only relocations / immediate binding (-Wl,-z,relro -Wl,-z,now)</li> 39<li>dmesg_restrict enabled (avoid leaking kernel addresses)</li> 40<li>kptr_restrict enabled (avoid leaking kernel addresses)</li> 41</ul> 42</dd> 43 44</dl> 45