Print this page
7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (aslr)
7031 noexec_user_stack should be a secflag
7032 want a means to forbid mappings around NULL.

*** 130,139 **** --- 130,140 ---- int secpolicy_ppp_config(const cred_t *); int secpolicy_proc_access(const cred_t *); int secpolicy_proc_excl_open(const cred_t *); int secpolicy_proc_owner(const cred_t *, const cred_t *, int); int secpolicy_proc_zone(const cred_t *); + int secpolicy_psecflags(const cred_t *, struct proc *, struct proc *); int secpolicy_pset(const cred_t *); int secpolicy_rctlsys(const cred_t *, boolean_t); int secpolicy_resource(const cred_t *); int secpolicy_resource_anon_mem(const cred_t *); int secpolicy_rpcmod_open(const cred_t *);