Print this page
Code review comments from jeffpc

Split Close
Expand all
Collapse all
          --- old/usr/src/man/man1/psecflags.1
          +++ new/usr/src/man/man1/psecflags.1
↓ open down ↓ 2 lines elided ↑ open up ↑
   3    3  .\" Common Development and Distribution License ("CDDL"), version 1.0.
   4    4  .\" You may only use this file in accordance with the terms of version
   5    5  .\" 1.0 of the CDDL.
   6    6  .\"
   7    7  .\" A full copy of the text of the CDDL should have accompanied this
   8    8  .\" source.  A copy of the CDDL is also available via the Internet at
   9    9  .\" http://www.illumos.org/license/CDDL.
  10   10  .\"
  11   11  .\" Copyright 2015, Richard Lowe.
  12   12  .\"
  13      -.TH "PSECFLAGS" "1" "May 3, 2014"
       13 +.TH "PSECFLAGS" "1" "June 6, 2016"
  14   14  .SH "NAME"
  15   15  \fBpsecflags\fR - inspect or modify process security flags
  16   16  .SH "SYNOPSIS"
  17   17  .LP
  18   18  .nf
  19      -\fB/usr/bin/psecflags\fR \fI-s\fR \fIspec\fR \fI-e\fR \fIcommand\fR
  20      -        [\fIarg\fR]...
       19 +\fB/usr/bin/psecflags\fR \fI-s\fR \fIspec\fR \fI-e\fR \fIcommand\fR \
       20 +[\fIarg\fR]...
  21   21  .fi
  22   22  .LP
  23   23  .nf
  24      -\fB/usr/bin/psecflags\fR \fI-s\fR \fIspec\fR [\fI-i\fR \fIidtype\fR]
  25      -        \fIid\fR ...
       24 +\fB/usr/bin/psecflags\fR \fI-s\fR \fIspec\fR [\fI-i\fR \fIidtype\fR] \
       25 +\fIid\fR ...
  26   26  .fi
  27   27  .LP
  28   28  .nf
  29   29  \fB/usr/bin/psecflags\fR [\fI-F\fR] { \fIpid\fR | \fIcore\fR }
  30   30  .fi
  31   31  .LP
  32   32  .nf
  33   33  \fB/usr/bin/psecflags\fR \fI-l\fR
  34   34  .fi
  35   35  
↓ open down ↓ 177 lines elided ↑ open up ↑
 213  213  .SH "EXAMPLES"
 214  214  .LP
 215  215  \fBExample 1\fR Display the security-flags of the current shell.
 216  216  .sp
 217  217  .in +2
 218  218  .nf
 219  219  example$ \fBpsecflags $$\fR
 220  220  100718: -sh
 221  221          E:      aslr
 222  222          I:      aslr
 223      -        L:      none
 224      -        U:      aslr, forbidnullmap, noexecstack
      223 +        L:      none
      224 +        U:      aslr,forbidnullmap,noexecstack
 225  225  .fi
 226  226  .in -2
 227  227  .sp
 228  228  
 229  229  .LP
 230  230  \fBExample 2\fR Run a user command with ASLR enabled in addition to any
 231  231  inherited security flags.
 232  232  .sp
 233  233  .in +2
 234  234  .nf
 235  235  example$ \fBpsecflags -s current,aslr -e /bin/sh\fR
 236  236  $ psecflags $$
 237  237  100724: -sh
 238  238          E:      none
 239  239          I:      aslr
 240      -        L:      none
 241      -        U:      aslr, forbidnullmap, noexecstack
      240 +        L:      none
      241 +        U:      aslr,forbidnullmap,noexecstack
 242  242  .fi
 243  243  .in -2
 244  244  .sp
 245  245  
 246  246  .LP
 247  247  \fBExample 3\fR Remove aslr from the inheritable flags of all Bob's processes.
 248  248  .sp
 249  249  .in +2
 250  250  .nf
 251  251  example# \fBpsecflags -s current,-aslr -i uid bob\fR
↓ open down ↓ 47 lines elided ↑ open up ↑
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX