Print this page 
7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (aslr)
7031 noexec_user_stack should be a secflag
7032 want a means to forbid mappings around NULL.


 519         working_directory The home directory to launch the method from.
 520                 ":default" can be used as a token to indicate use of the
 521                 user specified by the credential or profile specified.
 522 
 523         project The project ID, in numeric or text form.  ":default" can
 524                 be used as a token to indicate use of the project
 525                 identified by getdefaultproj(3PROJECT) for the non-root
 526                 user specified by the credential or profile specified.
 527                 If the user is root, ":default" designates the project
 528                 the restarter is running in.
 529 
 530         resource_pool The resource pool name to launch the method on.
 531                 ":default" can be used as a token to indicate use of the
 532                 pool specified in the project(4) entry given in the
 533                 "project" attribute above.
 534 -->
 535 <!ELEMENT method_context
 536         ( (method_profile | method_credential)?, method_environment? ) >
 537 
 538 <!ATTLIST method_context

 539         working_directory       CDATA #IMPLIED
 540         project                 CDATA #IMPLIED
 541         resource_pool           CDATA #IMPLIED >
 542 
 543 <!-- Restarter delegation, methods, and monitors -->
 544 
 545 <!--
 546   exec_method
 547 
 548     This element describes one of the methods used by the designated
 549     restarter to act on the service instance.  Its interpretation is
 550     left to the restarter to which a particular service instance is
 551     delegated.  It contains a set of attributes, an optional method
 552     context, and an optional stability element for the optional
 553     properties that can be included.
 554 
 555     Its attributes are
 556 
 557         type    The type of method, either "method" or "monitor".
 558 




 519         working_directory The home directory to launch the method from.
 520                 ":default" can be used as a token to indicate use of the
 521                 user specified by the credential or profile specified.
 522 
 523         project The project ID, in numeric or text form.  ":default" can
 524                 be used as a token to indicate use of the project
 525                 identified by getdefaultproj(3PROJECT) for the non-root
 526                 user specified by the credential or profile specified.
 527                 If the user is root, ":default" designates the project
 528                 the restarter is running in.
 529 
 530         resource_pool The resource pool name to launch the method on.
 531                 ":default" can be used as a token to indicate use of the
 532                 pool specified in the project(4) entry given in the
 533                 "project" attribute above.
 534 -->
 535 <!ELEMENT method_context
 536         ( (method_profile | method_credential)?, method_environment? ) >
 537 
 538 <!ATTLIST method_context
 539         security_flags          CDATA #IMPLIED
 540         working_directory       CDATA #IMPLIED
 541         project                 CDATA #IMPLIED
 542         resource_pool           CDATA #IMPLIED >
 543 
 544 <!-- Restarter delegation, methods, and monitors -->
 545 
 546 <!--
 547   exec_method
 548 
 549     This element describes one of the methods used by the designated
 550     restarter to act on the service instance.  Its interpretation is
 551     left to the restarter to which a particular service instance is
 552     delegated.  It contains a set of attributes, an optional method
 553     context, and an optional stability element for the optional
 554     properties that can be included.
 555 
 556     Its attributes are
 557 
 558         type    The type of method, either "method" or "monitor".
 559