Print this page
7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (aslr)
7031 noexec_user_stack should be a secflag
7032 want a means to forbid mappings around NULL.

Split Close
Expand all
Collapse all
          --- old/usr/src/cmd/praudit/toktable.c
          +++ new/usr/src/cmd/praudit/toktable.c
↓ open down ↓ 111 lines elided ↑ open up ↑
 112  112           */
 113  113  
 114  114          table_init(AUT_ACL, "acl", acl_token, T_ENCLOSED);
 115  115          table_init(AUT_ACE, "acl", ace_token, T_ENCLOSED);
 116  116          table_init(AUT_ATTR, "attribute", attribute_token, T_ENCLOSED);
 117  117          table_init(AUT_IPC_PERM, "IPC_perm", s5_IPC_perm_token, T_ENCLOSED);
 118  118          table_init(AUT_GROUPS, "group", group_token, T_ELEMENT);
 119  119          table_initx(AUT_LABEL, "sensitivity label", "sensitivity_label",
 120  120              label_token, T_ELEMENT);
 121  121          table_init(AUT_PRIV, "privilege", privilege_token, T_EXTENDED);
      122 +        table_init(AUT_SECFLAGS, "secflags", secflags_token, T_EXTENDED);
 122  123          table_initx(AUT_UPRIV, "use of privilege", "use_of_privilege",
 123  124              useofpriv_token, T_EXTENDED);
 124  125          table_init(AUT_LIAISON, "liaison", liaison_token, T_ELEMENT);
 125  126          table_init(AUT_NEWGROUPS, "group", newgroup_token, T_ELEMENT);
 126  127          table_init(AUT_EXEC_ARGS, "exec_args", exec_args_token, T_ELEMENT);
 127  128          table_init(AUT_EXEC_ENV, "exec_env", exec_env_token, T_ELEMENT);
 128  129          table_init(AUT_ATTR32, "attribute", attribute32_token, T_ENCLOSED);
 129  130          table_initx(AUT_UAUTH, "use of authorization",
 130  131              "use_of_authorization", useofauth_token, T_ELEMENT);
 131  132          table_init(AUT_USER, "user", user_token, T_ENCLOSED);
↓ open down ↓ 178 lines elided ↑ open up ↑
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX