Print this page
7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (aslr)
7031 noexec_user_stack should be a secflag
7032 want a means to forbid mappings around NULL.
@@ -171,10 +171,14 @@
#REQUIRED count CDATA #REQUIRED >
<!-- privilege token --> <!ELEMENT privilege (#PCDATA)> <!ATTLIST
privilege set-type CDATA #REQUIRED >
+<!-- secflags token --> <!ELEMENT secflags (#PCDATA)> <!ATTLIST
+secflags set-type CDATA #REQUIRED >
+
+
<!-- use_of_privilege token --> <!ELEMENT use_of_privilege (#PCDATA)>
<!ATTLIST use_of_privilege result CDATA #REQUIRED >
<!-- sensitivity_label token --> <!ELEMENT sensitivity_label (#PCDATA)>