Print this page
7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (aslr)
7031 noexec_user_stack should be a secflag
7032 want a means to forbid mappings around NULL.

@@ -80,10 +80,11 @@
         <privilege set="default" name="proc_chroot" />
         <privilege set="default" name="sys_audit" />
         <privilege set="default" name="proc_audit" />
         <privilege set="default" name="proc_lock_memory" />
         <privilege set="default" name="proc_owner" />
+        <privilege set="default" name="proc_secflags" />
         <privilege set="default" name="proc_setid" />
         <privilege set="default" name="proc_taskid" />
         <privilege set="default" name="sys_acct" />
         <privilege set="default" name="sys_admin" />
         <privilege set="default" name="sys_ip_config" ip-type="exclusive" />