Print this page
uts: Allow for address space randomisation.
Randomise the base addresses of shared objects, non-fixed mappings, the
stack and the heap.  Introduce a service, svc:/system/process-security,
and a tool psecflags(1) to control and observe it

Split Close
Expand all
Collapse all
          --- old/usr/src/pkg/manifests/SUNWcs.mf
          +++ new/usr/src/pkg/manifests/SUNWcs.mf
↓ open down ↓ 542 lines elided ↑ open up ↑
 543  543  file path=lib/svc/manifest/system/filesystem/usr-fs.xml group=sys mode=0444
 544  544  $(i386_ONLY)file path=lib/svc/manifest/system/hostid.xml group=sys mode=0444
 545  545  file path=lib/svc/manifest/system/hotplug.xml group=sys mode=0444
 546  546  file path=lib/svc/manifest/system/identity.xml group=sys mode=0444
 547  547  file path=lib/svc/manifest/system/idmap.xml group=sys mode=0444
 548  548  file path=lib/svc/manifest/system/keymap.xml group=sys mode=0444
 549  549  file path=lib/svc/manifest/system/logadm-upgrade.xml group=sys mode=0444
 550  550  file path=lib/svc/manifest/system/manifest-import.xml group=sys mode=0444
 551  551  file path=lib/svc/manifest/system/name-service-cache.xml group=sys mode=0444
 552  552  file path=lib/svc/manifest/system/pfexecd.xml group=sys mode=0444
      553 +file path=lib/svc/manifest/system/process-security.xml group=sys mode=0444
 553  554  file path=lib/svc/manifest/system/rbac.xml group=sys mode=0444
 554  555  file path=lib/svc/manifest/system/rmtmpfiles.xml group=sys mode=0444
 555  556  file path=lib/svc/manifest/system/sac.xml group=sys mode=0444
 556  557  file path=lib/svc/manifest/system/svc/global.xml group=sys mode=0444
 557  558  file path=lib/svc/manifest/system/svc/restarter.xml group=sys mode=0444
 558  559  file path=lib/svc/manifest/system/system-log.xml group=sys mode=0444
 559  560  file path=lib/svc/manifest/system/utmp.xml group=sys mode=0444
 560  561  file path=lib/svc/manifest/system/vtdaemon.xml group=sys mode=0444
 561  562  file path=lib/svc/method/boot-archive mode=0555
 562  563  file path=lib/svc/method/boot-archive-update mode=0555
↓ open down ↓ 518 lines elided ↑ open up ↑
1081 1082  file path=usr/lib/help/auths/locale/C/SmfValueExAcctTask.html
1082 1083  file path=usr/lib/help/auths/locale/C/SmfValueFirewall.html
1083 1084  file path=usr/lib/help/auths/locale/C/SmfValueHeader.html
1084 1085  file path=usr/lib/help/auths/locale/C/SmfValueIPsec.html
1085 1086  file path=usr/lib/help/auths/locale/C/SmfValueIdmap.html
1086 1087  file path=usr/lib/help/auths/locale/C/SmfValueInetd.html
1087 1088  file path=usr/lib/help/auths/locale/C/SmfValueMDNS.html
1088 1089  file path=usr/lib/help/auths/locale/C/SmfValueNADD.html
1089 1090  file path=usr/lib/help/auths/locale/C/SmfValueNDMP.html
1090 1091  file path=usr/lib/help/auths/locale/C/SmfValueNWAM.html
     1092 +file path=usr/lib/help/auths/locale/C/SmfValueProcSec.html
1091 1093  file path=usr/lib/help/auths/locale/C/SmfValueRouting.html
1092 1094  file path=usr/lib/help/auths/locale/C/SmfValueSMB.html
1093 1095  file path=usr/lib/help/auths/locale/C/SmfValueVscan.html
1094 1096  file path=usr/lib/help/auths/locale/C/SmfValueVt.html
1095 1097  file path=usr/lib/help/auths/locale/C/SmfVscanStates.html
1096 1098  file path=usr/lib/help/auths/locale/C/SmfVtStates.html
1097 1099  file path=usr/lib/help/auths/locale/C/SmfWpaStates.html
1098 1100  file path=usr/lib/help/auths/locale/C/SysCpuPowerMgmt.html
1099 1101  file path=usr/lib/help/auths/locale/C/SysDate.html
1100 1102  file path=usr/lib/help/auths/locale/C/SysHeader.html
↓ open down ↓ 764 lines elided ↑ open up ↑
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX