Print this page
7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (aslr)
7031 noexec_user_stack should be a secflag
7032 want a means to forbid mappings around NULL.

*** 838,847 **** --- 838,864 ---- The full size of the structure can be computed using PRIV_PRPRIV_SIZE(prpriv_t *). + secflags + This file contains the security-flags of the process. It contains a + description of the security flags associated with the process. + + typedef struct prsecflags { + uint32_t pr_version; /* ABI Versioning of this structure */ + secflagset_t pr_effective; /* Effective flags */ + secflagset_t pr_inherit; /* Inheritable flags */ + secflagset_t pr_lower; /* Lower flags */ + secflagset_t pr_upper; /* Upper flags */ + } prsecflags_t; + + + + The pr_version field is a version number for the structure, currently + PRSECFLAGS_VERSION_1. + sigact Contains an array of sigaction structures describing the current dispositions of all signals associated with the traced process (see sigaction(2)). Signal numbers are displaced by 1 from array indices, so that the action for signal number n appears in position n-1 of the
*** 2185,2195 **** readlink(2), readv(2), shmget(2), sigaction(2), sigaltstack(2), vfork(2), write(2), writev(2), _stack_grow(3C), readdir(3C), pthread_create(3C), pthread_join(3C), siginfo.h(3HEAD), signal.h(3HEAD), thr_create(3C), thr_join(3C), types32.h(3HEAD), ucontext.h(3HEAD), wait(3C), contract(4), core(4), process(4), ! lfcompile(5), privileges(5) DIAGNOSTICS Errors that can occur in addition to the errors normally associated with file system access: --- 2202,2212 ---- readlink(2), readv(2), shmget(2), sigaction(2), sigaltstack(2), vfork(2), write(2), writev(2), _stack_grow(3C), readdir(3C), pthread_create(3C), pthread_join(3C), siginfo.h(3HEAD), signal.h(3HEAD), thr_create(3C), thr_join(3C), types32.h(3HEAD), ucontext.h(3HEAD), wait(3C), contract(4), core(4), process(4), ! lfcompile(5), privileges(5), security-flags(5) DIAGNOSTICS Errors that can occur in addition to the errors normally associated with file system access:
*** 2318,2323 **** <sys/regset.h> are similar to but not the same as the types prgregset_t and prfpregset_t defined in <procfs.h>. ! March 31, 2013 PROC(4) --- 2335,2340 ---- <sys/regset.h> are similar to but not the same as the types prgregset_t and prfpregset_t defined in <procfs.h>. ! July 23, 2015 PROC(4)