7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (aslr)
7031 noexec_user_stack should be a secflag
7032 want a means to forbid mappings around NULL.


 102         table_init(AUT_IP, "ip", ip_token, T_ENCLOSED);
 103         table_initx(AUT_IPORT, "ip port", "ip_port",
 104             iport_token, T_ELEMENT);
 105         table_init(AUT_ARG32, "argument", argument32_token, T_ENCLOSED);
 106         table_initx(AUT_SOCKET, "socket", "old_socket",
 107             socket_token, T_ENCLOSED);
 108         table_init(AUT_SEQ, "sequence", sequence_token, T_ENCLOSED);
 109 
 110         /*
 111          * Modifier token types
 112          */
 113 
 114         table_init(AUT_ACL, "acl", acl_token, T_ENCLOSED);
 115         table_init(AUT_ACE, "acl", ace_token, T_ENCLOSED);
 116         table_init(AUT_ATTR, "attribute", attribute_token, T_ENCLOSED);
 117         table_init(AUT_IPC_PERM, "IPC_perm", s5_IPC_perm_token, T_ENCLOSED);
 118         table_init(AUT_GROUPS, "group", group_token, T_ELEMENT);
 119         table_initx(AUT_LABEL, "sensitivity label", "sensitivity_label",
 120             label_token, T_ELEMENT);
 121         table_init(AUT_PRIV, "privilege", privilege_token, T_EXTENDED);

 122         table_initx(AUT_UPRIV, "use of privilege", "use_of_privilege",
 123             useofpriv_token, T_EXTENDED);
 124         table_init(AUT_LIAISON, "liaison", liaison_token, T_ELEMENT);
 125         table_init(AUT_NEWGROUPS, "group", newgroup_token, T_ELEMENT);
 126         table_init(AUT_EXEC_ARGS, "exec_args", exec_args_token, T_ELEMENT);
 127         table_init(AUT_EXEC_ENV, "exec_env", exec_env_token, T_ELEMENT);
 128         table_init(AUT_ATTR32, "attribute", attribute32_token, T_ENCLOSED);
 129         table_initx(AUT_UAUTH, "use of authorization",
 130             "use_of_authorization", useofauth_token, T_ELEMENT);
 131         table_init(AUT_USER, "user", user_token, T_ENCLOSED);
 132         table_init(AUT_ZONENAME, "zone", zonename_token, T_ENCLOSED);
 133 
 134         /*
 135          * X windows token types
 136          */
 137         table_initx(AUT_XATOM, "X atom", "X_atom", xatom_token, T_ELEMENT);
 138         table_initx(AUT_XOBJ, "X object", "X_object", NOFUNC, T_UNKNOWN);
 139         table_initx(AUT_XPROTO, "X protocol", "X_protocol", NOFUNC, T_UNKNOWN);
 140         table_initx(AUT_XSELECT, "X selection", "X_selection",
 141             xselect_token, T_ELEMENT);




 102         table_init(AUT_IP, "ip", ip_token, T_ENCLOSED);
 103         table_initx(AUT_IPORT, "ip port", "ip_port",
 104             iport_token, T_ELEMENT);
 105         table_init(AUT_ARG32, "argument", argument32_token, T_ENCLOSED);
 106         table_initx(AUT_SOCKET, "socket", "old_socket",
 107             socket_token, T_ENCLOSED);
 108         table_init(AUT_SEQ, "sequence", sequence_token, T_ENCLOSED);
 109 
 110         /*
 111          * Modifier token types
 112          */
 113 
 114         table_init(AUT_ACL, "acl", acl_token, T_ENCLOSED);
 115         table_init(AUT_ACE, "acl", ace_token, T_ENCLOSED);
 116         table_init(AUT_ATTR, "attribute", attribute_token, T_ENCLOSED);
 117         table_init(AUT_IPC_PERM, "IPC_perm", s5_IPC_perm_token, T_ENCLOSED);
 118         table_init(AUT_GROUPS, "group", group_token, T_ELEMENT);
 119         table_initx(AUT_LABEL, "sensitivity label", "sensitivity_label",
 120             label_token, T_ELEMENT);
 121         table_init(AUT_PRIV, "privilege", privilege_token, T_EXTENDED);
 122         table_init(AUT_SECFLAGS, "secflags", secflags_token, T_EXTENDED);
 123         table_initx(AUT_UPRIV, "use of privilege", "use_of_privilege",
 124             useofpriv_token, T_EXTENDED);
 125         table_init(AUT_LIAISON, "liaison", liaison_token, T_ELEMENT);
 126         table_init(AUT_NEWGROUPS, "group", newgroup_token, T_ELEMENT);
 127         table_init(AUT_EXEC_ARGS, "exec_args", exec_args_token, T_ELEMENT);
 128         table_init(AUT_EXEC_ENV, "exec_env", exec_env_token, T_ELEMENT);
 129         table_init(AUT_ATTR32, "attribute", attribute32_token, T_ENCLOSED);
 130         table_initx(AUT_UAUTH, "use of authorization",
 131             "use_of_authorization", useofauth_token, T_ELEMENT);
 132         table_init(AUT_USER, "user", user_token, T_ENCLOSED);
 133         table_init(AUT_ZONENAME, "zone", zonename_token, T_ENCLOSED);
 134 
 135         /*
 136          * X windows token types
 137          */
 138         table_initx(AUT_XATOM, "X atom", "X_atom", xatom_token, T_ELEMENT);
 139         table_initx(AUT_XOBJ, "X object", "X_object", NOFUNC, T_UNKNOWN);
 140         table_initx(AUT_XPROTO, "X protocol", "X_protocol", NOFUNC, T_UNKNOWN);
 141         table_initx(AUT_XSELECT, "X selection", "X_selection",
 142             xselect_token, T_ELEMENT);
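Review bot: The new `AUT_SECFLAGS` registration at new-side line 122 has no comment, even though the change titles suggest this token is how an audit reader sees a process's exploit-mitigation flags (ASLR, non-executable stack, NULL-mapping restrictions). I would add a line above it such as `/* process security-flags (secflags) token, see 7029 */` and note that it deliberately shares `T_EXTENDED` with `AUT_PRIV` and `AUT_UPRIV`. `secflags_token` and `AUT_SECFLAGS` are defined outside this excerpt, so it is worth confirming that the handler copes with a truncated or malformed token without over-reading the record. If the structured output is validated against a schema, check that it gains a matching `secflags` element. The enclosing function starts and ends outside the lines shown.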