Print this page
7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (aslr)
7031 noexec_user_stack should be a secflag
7032 want a means to forbid mappings around NULL.

*** 117,126 **** --- 117,127 ---- table_init(AUT_IPC_PERM, "IPC_perm", s5_IPC_perm_token, T_ENCLOSED); table_init(AUT_GROUPS, "group", group_token, T_ELEMENT); table_initx(AUT_LABEL, "sensitivity label", "sensitivity_label", label_token, T_ELEMENT); table_init(AUT_PRIV, "privilege", privilege_token, T_EXTENDED); + table_init(AUT_SECFLAGS, "secflags", secflags_token, T_EXTENDED); table_initx(AUT_UPRIV, "use of privilege", "use_of_privilege", useofpriv_token, T_EXTENDED); table_init(AUT_LIAISON, "liaison", liaison_token, T_ELEMENT); table_init(AUT_NEWGROUPS, "group", newgroup_token, T_ELEMENT); table_init(AUT_EXEC_ARGS, "exec_args", exec_args_token, T_ELEMENT);