Print this page
7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (aslr)
7031 noexec_user_stack should be a secflag
7032 want a means to forbid mappings around NULL.

*** 655,664 **** --- 655,680 ---- </loctext> </description> <cardinality min='1' max='1'/> </prop_pattern> + <prop_pattern name='security_flags' type='astring' + required='false'> + <common_name> + <loctext xml:lang='C'> + method credential security flags + </loctext> + </common_name> + <description> + <loctext xml:lang='C'> + An optional string specifying the security flags as defined in security-flags(5). + </loctext> + </description> + <cardinality min='1' max='1'/> + <internal_separators>,</internal_separators> + </prop_pattern> + <!-- method_credential properties --> <prop_pattern name='user' type='astring' required='false'> <common_name> <loctext xml:lang='C'>
*** 902,911 **** --- 918,943 ---- </loctext> </description> <cardinality min='1' max='1'/> </prop_pattern> + <prop_pattern name='security_flags' type='astring' + required='false'> + <common_name> + <loctext xml:lang='C'> + method credential security flags + </loctext> + </common_name> + <description> + <loctext xml:lang='C'> + An optional string specifying the security flags as defined in security-flags(5). + </loctext> + </description> + <cardinality min='1' max='1'/> + <internal_separators>,</internal_separators> + </prop_pattern> + <!-- method_credential properties --> <prop_pattern name='user' type='astring' required='false'> <common_name> <loctext xml:lang='C'>
*** 1148,1157 **** --- 1180,1204 ---- the project attribute. </loctext> </description> <cardinality min='1' max='1'/> </prop_pattern> + <prop_pattern name='security_flags' type='astring' + required='false'> + <common_name> + <loctext xml:lang='C'> + method security flags + </loctext> + </common_name> + <description> + <loctext xml:lang='C'> + An optional string specifying the security flags as defined in security-flags(5). + </loctext> + </description> + <cardinality min='1' max='1'/> + <internal_separators>,</internal_separators> + </prop_pattern> <!-- method_credential properties --> <prop_pattern name='user' type='astring' required='false'> <common_name>