Print this page
7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (aslr)
7031 noexec_user_stack should be a secflag
7032 want a means to forbid mappings around NULL.
*** 119,128 ****
--- 119,129 ----
#define AUT_EXEC_ARGS ((char)0x3C)
#define AUT_EXEC_ENV ((char)0x3D)
#define AUT_ATTR32 ((char)0x3E)
#define AUT_UAUTH ((char)0x3F)
#define AUT_ZONENAME ((char)0x60) /* out of order */
+ #define AUT_SECFLAGS ((char)0x62) /* out of order */
/*
* X windows token types
*/
*** 296,305 ****
--- 297,307 ----
token_t *au_to_sock_inet(struct sockaddr_in *);
token_t *au_to_exec_args(const char *, ssize_t);
token_t *au_to_exec_env(const char *, ssize_t);
token_t *au_to_label(bslabel_t *);
token_t *au_to_privset(const char *, const priv_set_t *, char, int);
+ token_t *au_to_secflags(const char *, secflagset_t);
void au_uwrite();
void au_close(au_kcontext_t *, caddr_t *, int, au_event_t, au_emod_t,
timestruc_t *);
void au_close_defer(token_t *, int, au_event_t, au_emod_t, timestruc_t *);