Print this page
7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (aslr)
7031 noexec_user_stack should be a secflag
7032 want a means to forbid mappings around NULL.

@@ -457,12 +457,13 @@
           ":default" can be used as a token to indicate use of the         pool
 specified in the project(4) entry given in the         "project" attribute
 above.  --> <!ELEMENT method_context    ( (method_profile |
 method_credential)?, method_environment? ) >
 
-<!ATTLIST method_context      working_directory   CDATA #IMPLIED      project
-               CDATA #IMPLIED      resource_pool       CDATA #IMPLIED >
+<!ATTLIST method_context      security_flags      CDATA #IMPLIED
+     working_directory   CDATA #IMPLIED      project             CDATA #IMPLIED
+     resource_pool       CDATA #IMPLIED >
 
 <!-- Restarter delegation, methods, and monitors -->
 
 <!--
   exec_method