Print this page
uts: Allow for address space randomisation.
Randomise the base addresses of shared objects, non-fixed mappings, the
stack and the heap. Introduce a service, svc:/system/process-security,
and a tool psecflags(1) to control and observe it
@@ -80,10 +80,11 @@
<privilege set="default" name="proc_chroot" />
<privilege set="default" name="sys_audit" />
<privilege set="default" name="proc_audit" />
<privilege set="default" name="proc_lock_memory" />
<privilege set="default" name="proc_owner" />
+ <privilege set="default" name="proc_secflags" />
<privilege set="default" name="proc_setid" />
<privilege set="default" name="proc_taskid" />
<privilege set="default" name="sys_acct" />
<privilege set="default" name="sys_admin" />
<privilege set="default" name="sys_ip_config" ip-type="exclusive" />