Print this page
7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (aslr)
7031 noexec_user_stack should be a secflag
7032 want a means to forbid mappings around NULL.

*** 88,100 **** #define RT_PCAP 24 #define RT_HOSTID 25 /* really a property, but for info ... */ #define RT_ADMIN 26 #define RT_FS_ALLOWED 27 #define RT_MAXPROCS 28 /* really a rctl alias property, but for info */ #define RT_MIN RT_UNKNOWN ! #define RT_MAX RT_MAXPROCS /* property types: increment PT_MAX when expanding this list */ #define PT_UNKNOWN 0 #define PT_ZONENAME 1 #define PT_ZONEPATH 2 --- 88,101 ---- #define RT_PCAP 24 #define RT_HOSTID 25 /* really a property, but for info ... */ #define RT_ADMIN 26 #define RT_FS_ALLOWED 27 #define RT_MAXPROCS 28 /* really a rctl alias property, but for info */ + #define RT_SECFLAGS 29 #define RT_MIN RT_UNKNOWN ! #define RT_MAX RT_SECFLAGS /* property types: increment PT_MAX when expanding this list */ #define PT_UNKNOWN 0 #define PT_ZONENAME 1 #define PT_ZONEPATH 2
*** 135,147 **** #define PT_USER 37 #define PT_AUTHS 38 #define PT_FS_ALLOWED 39 #define PT_MAXPROCS 40 #define PT_ALLOWED_ADDRESS 41 #define PT_MIN PT_UNKNOWN ! #define PT_MAX PT_ALLOWED_ADDRESS #define MAX_EQ_PROP_PAIRS 3 #define PROP_VAL_SIMPLE 0 #define PROP_VAL_COMPLEX 1 --- 136,151 ---- #define PT_USER 37 #define PT_AUTHS 38 #define PT_FS_ALLOWED 39 #define PT_MAXPROCS 40 #define PT_ALLOWED_ADDRESS 41 + #define PT_DEFAULT 42 + #define PT_LOWER 43 + #define PT_UPPER 44 #define PT_MIN PT_UNKNOWN ! #define PT_MAX PT_UPPER #define MAX_EQ_PROP_PAIRS 3 #define PROP_VAL_SIMPLE 0 #define PROP_VAL_COMPLEX 1