Print this page
uts: Allow for address space randomisation.
Randomise the base addresses of shared objects, non-fixed mappings, the
stack and the heap.  Introduce a service, svc:/system/process-security,
and a tool psecflags(1) to control and observe it


 539 .sp .6
 540 .RS 4n
 541 Allow a process to elevate its priority above its current level.
 542 .RE
 543 
 544 .sp
 545 .ne 2
 546 .na
 547 \fB\fBPRIV_PROC_PRIOCNTL\fR\fR
 548 .ad
 549 .sp .6
 550 .RS 4n
 551 Allows all that PRIV_PROC_PRIOUP allows.
 552 Allow a process to change its scheduling class to any scheduling class,
 553 including the RT class.
 554 .RE
 555 
 556 .sp
 557 .ne 2
 558 .na











 559 \fB\fBPRIV_PROC_SESSION\fR\fR
 560 .ad
 561 .sp .6
 562 .RS 4n
 563 Allow a process to send signals or trace processes outside its session.
 564 .RE
 565 
 566 .sp
 567 .ne 2
 568 .na
 569 \fB\fBPRIV_PROC_SETID\fR\fR
 570 .ad
 571 .sp .6
 572 .RS 4n
 573 Allow a process to set its UIDs at will, assuming UID 0 requires all privileges
 574 to be asserted.
 575 .RE
 576 
 577 .sp
 578 .ne 2




 539 .sp .6
 540 .RS 4n
 541 Allow a process to elevate its priority above its current level.
 542 .RE
 543 
 544 .sp
 545 .ne 2
 546 .na
 547 \fB\fBPRIV_PROC_PRIOCNTL\fR\fR
 548 .ad
 549 .sp .6
 550 .RS 4n
 551 Allows all that PRIV_PROC_PRIOUP allows.
 552 Allow a process to change its scheduling class to any scheduling class,
 553 including the RT class.
 554 .RE
 555 
 556 .sp
 557 .ne 2
 558 .na
 559 \fB\PRIV_PROC_SECFLAGS\fR
 560 .ad
 561 .sp .6
 562 .RS 4n
 563 Allow a process to manipulate the secflags of processes (subject to,
 564 additionally, the ability to signal that process)
 565 .RE
 566 
 567 .sp
 568 .ne 2
 569 .na
 570 \fB\fBPRIV_PROC_SESSION\fR\fR
 571 .ad
 572 .sp .6
 573 .RS 4n
 574 Allow a process to send signals or trace processes outside its session.
 575 .RE
 576 
 577 .sp
 578 .ne 2
 579 .na
 580 \fB\fBPRIV_PROC_SETID\fR\fR
 581 .ad
 582 .sp .6
 583 .RS 4n
 584 Allow a process to set its UIDs at will, assuming UID 0 requires all privileges
 585 to be asserted.
 586 .RE
 587 
 588 .sp
 589 .ne 2