Print this page
7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (aslr)
7031 noexec_user_stack should be a secflag
7032 want a means to forbid mappings around NULL.

*** 119,128 **** --- 119,129 ---- #define AUT_EXEC_ARGS ((char)0x3C) #define AUT_EXEC_ENV ((char)0x3D) #define AUT_ATTR32 ((char)0x3E) #define AUT_UAUTH ((char)0x3F) #define AUT_ZONENAME ((char)0x60) /* out of order */ + #define AUT_SECFLAGS ((char)0x62) /* out of order */ /* * X windows token types */
*** 296,305 **** --- 297,307 ---- token_t *au_to_sock_inet(struct sockaddr_in *); token_t *au_to_exec_args(const char *, ssize_t); token_t *au_to_exec_env(const char *, ssize_t); token_t *au_to_label(bslabel_t *); token_t *au_to_privset(const char *, const priv_set_t *, char, int); + token_t *au_to_secflags(const char *, secflagset_t); void au_uwrite(); void au_close(au_kcontext_t *, caddr_t *, int, au_event_t, au_emod_t, timestruc_t *); void au_close_defer(token_t *, int, au_event_t, au_emod_t, timestruc_t *);