Print this page
7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (aslr)
7031 noexec_user_stack should be a secflag
7032 want a means to forbid mappings around NULL.

@@ -130,10 +130,11 @@
 int secpolicy_ppp_config(const cred_t *);
 int secpolicy_proc_access(const cred_t *);
 int secpolicy_proc_excl_open(const cred_t *);
 int secpolicy_proc_owner(const cred_t *, const cred_t *, int);
 int secpolicy_proc_zone(const cred_t *);
+int secpolicy_psecflags(const cred_t *, struct proc *, struct proc *);
 int secpolicy_pset(const cred_t *);
 int secpolicy_rctlsys(const cred_t *, boolean_t);
 int secpolicy_resource(const cred_t *);
 int secpolicy_resource_anon_mem(const cred_t *);
 int secpolicy_rpcmod_open(const cred_t *);