Print this page
7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (aslr)
7031 noexec_user_stack should be a secflag
7032 want a means to forbid mappings around NULL.
*** 130,139 ****
--- 130,140 ----
int secpolicy_ppp_config(const cred_t *);
int secpolicy_proc_access(const cred_t *);
int secpolicy_proc_excl_open(const cred_t *);
int secpolicy_proc_owner(const cred_t *, const cred_t *, int);
int secpolicy_proc_zone(const cred_t *);
+ int secpolicy_psecflags(const cred_t *, struct proc *, struct proc *);
int secpolicy_pset(const cred_t *);
int secpolicy_rctlsys(const cred_t *, boolean_t);
int secpolicy_resource(const cred_t *);
int secpolicy_resource_anon_mem(const cred_t *);
int secpolicy_rpcmod_open(const cred_t *);