7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (aslr)
7031 noexec_user_stack should be a secflag
7032 want a means to forbid mappings around NULL.

*** 30,39 ****
--- 30,40 ----
#include <stdlib.h>
#include <unistd.h>
#include <fcntl.h>
#include <string.h>
#include <limits.h>
+ #include <sys/secflags.h>
#include "Pcontrol.h"
/*
* These several routines simply get the indicated /proc structures
*** 66,75 ****
--- 67,97 ----
(void) close(fd);
}
return (rv);
}
+ int
+ proc_get_secflags(pid_t pid, prsecflags_t **psf)
+ {
+ char fname[PATH_MAX];
+ int fd;
+ int rv = -1;
+
+ if ((*psf = calloc(1, sizeof (prsecflags_t))) == NULL)
+ return (-1);
+
+ (void) snprintf(fname, sizeof (fname), "%s/%d/secflags",
+ procfs_path, (int)pid);
+ if ((fd = open(fname, O_RDONLY)) >= 0) {
+ if (read(fd, *psf, sizeof (prsecflags_t)) ==
+ sizeof (prsecflags_t))
+ rv = 0;
+ (void) close(fd);
+ }
+ return (rv);
+ }
+
void
proc_free_priv(prpriv_t *prv)
{
free(prv);
}
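Review bot: When open() fails or read() returns short in proc_get_secflags, the function returns -1 but the calloc() buffer stays allocated and *psf still points at it. A caller that treats -1 as "nothing to free" leaks the buffer. A caller that ignores the return value sees a zero-filled or partially filled prsecflags_t, which for a security-flags query could be read as "no mitigations set". I would release the buffer before the final return: `if (rv != 0) { free(*psf); *psf = NULL; }`. A short doc comment stating that the caller owns *psf on success, and which routine frees it, would also help, since no matching free helper is visible in this hunk.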