docs: include hardening in measures (#5093)

2023-03-20 13:30:12 +11:00 · 2023-03-20 13:30:12 +11:00 · ae719a8e51
parent 0fb5ac78a7
commit ae719a8e51
2 changed files with 11 additions and 1 deletions
--- a/docs/content/en/contributing/prologue/financial.md
+++ b/docs/content/en/contributing/prologue/financial.md
@ -44,4 +44,6 @@ We are currently directly looking for someone to sponsor:

 * [Security Audit](../../policies/security.md#help-wanted)

-To see a list of our sponsors pleaase see the [sponsors section](../../information/about.md#sponsors) on the about page.
+To see a list of our sponsors please see the [sponsors section](../../information/about.md#sponsors) on the about page.
+
+[Open Collective]: https://opencollective.com/authelia-sponsors
--- a/docs/content/en/overview/security/measures.md
+++ b/docs/content/en/overview/security/measures.md
@ -75,6 +75,14 @@ Lastly Authelia's implementation of Argon2id is highly tunable. You can tune the
 (time), parallelism, and memory usage. To read more about this please read how to
 [configure](../../configuration/first-factor/file.md) file authentication.

+## Protections against return oriented programming attacks and general hardening
+
+Authelia is built as a position independent executable which makes Return Oriented Programming (ROP) attacks
+significantly more difficult to execute reliably.
+
+In addition it is built as a static binary with full relocation read-only support making this and several other
+traditional binary weaknesses significantly more difficult to exploit.
+
 ## User profile and group membership always kept up-to-date (LDAP authentication provider)

 This measure is unrelated to the File authentication provider.