Print this page
7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (aslr)
7031 noexec_user_stack should be a secflag
7032 want a means to forbid mappings around NULL.

Split Close
Expand all
Collapse all
          --- old/usr/src/lib/libbsm/auditxml
          +++ new/usr/src/lib/libbsm/auditxml
↓ open down ↓ 605 lines elided ↑ open up ↑
 606  606                    'label'               => 'AUT_LABEL',
 607  607                    'newgroups'           => 'AUT_NEWGROUPS',
 608  608          #         'opaque'              => 'AUT_OPAQUE',        # not defined
 609  609                    'path'                => 'AUT_PATH',
 610  610                    'path_list'           => '-AUT_PATH',         # dummy token id
 611  611                    'process'             => 'AUT_PROCESS',
 612  612                    'priv_effective'      => 'ADT_AUT_PRIV_E',    # dummy token id
 613  613                    'priv_limit'          => 'ADT_AUT_PRIV_L',    # dummy token id
 614  614                    'priv_inherit'        => 'ADT_AUT_PRIV_I',    # dummy token id
 615  615                    'return'              => 'AUT_RETURN',
      616 +                  'secflags'            => 'AUT_SECFLAGS',
 616  617          #         'seq'                 => 'AUT_SEQ',           # not defined
 617  618          #         'socket'              => 'AUT_SOCKET',        # not defined
 618  619          #         'socket-inet'         => 'AUT_SOCKET_INET',
 619  620                    'subject'             => 'AUT_SUBJECT',
 620  621                    'text'                => 'AUT_TEXT',
 621  622                    'tid'                 => 'AUT_TID',
 622  623          #         'trailer'             => 'AUT_TRAILER',       # not defined
 623  624                    'uauth'               => 'AUT_UAUTH',
 624  625                    'user'                => 'AUT_USER',
 625  626                    'zonename'            => 'AUT_ZONENAME'
↓ open down ↓ 490 lines elided ↑ open up ↑
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX