Print this page
uts: Allow for address space randomisation.
Randomise the base addresses of shared objects, non-fixed mappings, the
stack and the heap.  Introduce a service, svc:/system/process-security,
and a tool psecflags(1) to control and observe it

*** 312,321 **** --- 312,326 ---- Allows all that PRIV_PROC_PRIOUP allows. Allows a process to change its scheduling class to any scheduling class, including the RT class. + privilege PRIV_PROC_SECFLAGS + + Allows a process to manipulate the secflags of processes (subject to, + additionally, the ability to signal that process) + basic privilege PRIV_PROC_SESSION Allows a process to send signals or trace processes outside its session.