Print this page
7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (aslr)
7031 noexec_user_stack should be a secflag
7032 want a means to forbid mappings around NULL.

@@ -611,10 +611,11 @@
                   'process'             => 'AUT_PROCESS',
                   'priv_effective'      => 'ADT_AUT_PRIV_E',    # dummy token id
                   'priv_limit'          => 'ADT_AUT_PRIV_L',    # dummy token id
                   'priv_inherit'        => 'ADT_AUT_PRIV_I',    # dummy token id
                   'return'              => 'AUT_RETURN',
+                  'secflags'            => 'AUT_SECFLAGS',
         #         'seq'                 => 'AUT_SEQ',           # not defined
         #         'socket'              => 'AUT_SOCKET',        # not defined
         #         'socket-inet'         => 'AUT_SOCKET_INET',
                   'subject'             => 'AUT_SUBJECT',
                   'text'                => 'AUT_TEXT',