Print this page
7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (aslr)
7031 noexec_user_stack should be a secflag
7032 want a means to forbid mappings around NULL.

*** 70,79 **** --- 70,80 ---- EXEC_DATA ^platform/.*/multiboot$ # Objects that are allowed to have an executable stack EXEC_STACK ^platform/.*/MACH(kernel)/unix$ EXEC_STACK ^platform/.*/multiboot$ + EXEC_STACK ^opt/os-tests/tests/secflags/stacky$ # Objects for which we allow relocations to the text segment TEXTREL ^platform/.*/MACH(kernel)/unix$ # Directories and files that are allowed to have no direct bound symbols