Print this page
7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (aslr)
7031 noexec_user_stack should be a secflag
7032 want a means to forbid mappings around NULL.

Split Close
Expand all
Collapse all
          --- old/usr/src/lib/auditd_plugins/syslog/systoken.c
          +++ new/usr/src/lib/auditd_plugins/syslog/systoken.c
↓ open down ↓ 1463 lines elided ↑ open up ↑
1464 1464  
1465 1465  int
1466 1466  privilege_token(parse_context_t *ctx)
1467 1467  {
1468 1468          skip_bytes(ctx);
1469 1469          skip_bytes(ctx);
1470 1470  
1471 1471          return (0);
1472 1472  }
1473 1473  
     1474 +/*
     1475 + * -----------------------------------------------------------------------
     1476 + * secflags_token()     : Process secflags token and display contents
     1477 + *
     1478 + * Format of privilege token:
     1479 + *      secflags token id       adr_char
     1480 + *      secflag set name        adr_string
     1481 + *      secflags                adr_string
     1482 + * -----------------------------------------------------------------------
     1483 + */
     1484 +int
     1485 +secflags_token(parse_context_t *ctx)
     1486 +{
     1487 +        skip_bytes(ctx);
     1488 +        skip_bytes(ctx);
     1489 +
     1490 +        return (0);
     1491 +}
1474 1492  
1475 1493  /*
1476 1494   * Format of label token:
1477 1495   *      label ID                1 byte
1478 1496   *      compartment length      1 byte
1479 1497   *      classification          2 bytes
1480 1498   *      compartment words       <compartment length> * 4 bytes
1481 1499   */
1482 1500  int
1483 1501  label_token(parse_context_t *ctx)
↓ open down ↓ 26 lines elided ↑ open up ↑
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX