il_7029-4 Udiff usr/src/lib/libbsm/adt

Print this page

7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (aslr)
7031 noexec_user_stack should be a secflag
7032 want a means to forbid mappings around NULL.

@@ -278,10 +278,17 @@
 <!ELEMENT privilege             (#PCDATA)>
 <!ATTLIST privilege
                 set-type        CDATA #REQUIRED
 >
 
+<!-- secflags token -->
+<!ELEMENT secflags              (#PCDATA)>
+<!ATTLIST secflags
+                set-type        CDATA #REQUIRED
+>
+
+
 <!-- use_of_privilege token -->
 <!ELEMENT use_of_privilege      (#PCDATA)>
 <!ATTLIST use_of_privilege
                 result          CDATA #REQUIRED
 >