il_7029 Cdiff usr/src/cmd/svc/dtd/service

Print this page

7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (aslr)
7031 noexec_user_stack should be a secflag
7032 want a means to forbid mappings around NULL.


*** 534,543 ****
--- 534,544 ----
  -->
  <!ELEMENT method_context
          ( (method_profile | method_credential)?, method_environment? ) >
  
  <!ATTLIST method_context
+         security_flags          CDATA #IMPLIED
          working_directory       CDATA #IMPLIED
          project                 CDATA #IMPLIED
          resource_pool           CDATA #IMPLIED >
  
  <!-- Restarter delegation, methods, and monitors -->