Print this page
7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (aslr)
7031 noexec_user_stack should be a secflag
7032 want a means to forbid mappings around NULL.

*** 171,180 **** --- 171,184 ---- #REQUIRED count CDATA #REQUIRED > <!-- privilege token --> <!ELEMENT privilege (#PCDATA)> <!ATTLIST privilege set-type CDATA #REQUIRED > + <!-- secflags token --> <!ELEMENT secflags (#PCDATA)> <!ATTLIST + secflags set-type CDATA #REQUIRED > + + <!-- use_of_privilege token --> <!ELEMENT use_of_privilege (#PCDATA)> <!ATTLIST use_of_privilege result CDATA #REQUIRED > <!-- sensitivity_label token --> <!ELEMENT sensitivity_label (#PCDATA)>