Print this page
7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (aslr)
7031 noexec_user_stack should be a secflag
7032 want a means to forbid mappings around NULL.
*** 117,126 ****
--- 117,127 ----
table_init(AUT_IPC_PERM, "IPC_perm", s5_IPC_perm_token, T_ENCLOSED);
table_init(AUT_GROUPS, "group", group_token, T_ELEMENT);
table_initx(AUT_LABEL, "sensitivity label", "sensitivity_label",
label_token, T_ELEMENT);
table_init(AUT_PRIV, "privilege", privilege_token, T_EXTENDED);
+ table_init(AUT_SECFLAGS, "secflags", secflags_token, T_EXTENDED);
table_initx(AUT_UPRIV, "use of privilege", "use_of_privilege",
useofpriv_token, T_EXTENDED);
table_init(AUT_LIAISON, "liaison", liaison_token, T_ELEMENT);
table_init(AUT_NEWGROUPS, "group", newgroup_token, T_ELEMENT);
table_init(AUT_EXEC_ARGS, "exec_args", exec_args_token, T_ELEMENT);