Code review comments from jeffpc
7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (aslr)
7031 noexec_user_stack should be a secflag
7032 want a means to forbid mappings around NULL.

          --- old/usr/src/man/man5/smf_method.5.man.txt
          +++ new/usr/src/man/man5/smf_method.5.man.txt
(299 lines elided)
 300  300  
 301  301  
 302  302         working_directory
 303  303  
 304  304             The home directory from which to launch the method. :home can be
 305  305             used as a token to indicate the home directory of the user whose
 306  306             uid is used to launch the method. If the property is unset, :home
 307  307             is used.
 308  308  
 309  309  
      310 +       security_flags
      311 +
      312 +           The security flags to apply when launching the method.  See
      313 +           security-flags(5).
      314 +
      315 +
      316 +           The "default" keyword specifies those flags specified in
      317 +           svc:/system/process-security.  The "all" keyword enables all flags,
      318 +           the "none" keyword enables no flags.  Further flags may be added by
      319 +           specifying their name, or removed by specifying their name prefixed
      320 +           by '-' or '!'.
      321 +
      322 +
      323 +           Use of "all" has associated risks, as future versions of the system
      324 +           may include further flags which may harm poorly implemented
      325 +           software.
      326 +
      327 +
 310  328         corefile_pattern
 311  329  
 312  330             An optional string that specifies the corefile pattern to use for
 313  331             the service, as per coreadm(1M). Most restarters supply a default.
 314  332             Setting this property overrides local customizations to the global
 315  333             core pattern.
 316  334  
 317  335  
 318  336         project
 319  337  
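Review bot: the new security_flags entry (new lines 310-325) never states what applies when the property is unset, whereas the neighbouring working_directory entry does ("If the property is unset, :home is used"); add a matching sentence giving the behaviour the restarter actually implements for an unset property, since a reader of this page otherwise cannot tell whether the "default" set or no flags are applied. While there, new lines 317-318 are a comma splice; write "The "all" keyword enables all flags, and the "none" keyword enables no flags." or split them into two sentences.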
(45 lines elided)
 365  383  
 366  384         /usr/include/libscf.h
 367  385  
 368  386             Definitions of exit status codes.
 369  387  
 370  388  
 371  389  SEE ALSO
 372  390         zonename(1), coreadm(1M), inetd(1M), svccfg(1M), svc.startd(1M),
 373  391         exec(2), fork(2), getdefaultproj(3PROJECT), exec_attr(4), project(4),
 374  392         service_bundle(4), attributes(5), privileges(5), rbac(5), smf(5),
 375      -       smf_bootstrap(5), zones(5)
      393 +       smf_bootstrap(5), zones(5), security-flags(5)
 376  394  
 377  395  NOTES
 378  396         The present version of smf(5) does not support multiple repositories.
 379  397  
 380  398  
 381  399         When a service is configured to be started as root but with privileges
 382  400         different from limit_privileges, the resulting process is privilege
 383  401         aware.  This can be surprising to developers who expect seteuid(<non-
 384  402         zero UID>) to reduce privileges to basic or less.
 385  403  
 386  404  
 387  405  
 388      -                                 May 20, 2009                    SMF_METHOD(5)
      406 +                                 June 6, 2016                    SMF_METHOD(5)
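Review bot: in the SEE ALSO list at new line 393, security-flags(5) is appended after zones(5), but the section-5 references are otherwise in alphabetical order (attributes(5), privileges(5), rbac(5), smf(5), smf_bootstrap(5), zones(5)); move it between rbac(5) and smf(5) so the list stays sorted.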
    