il_7029 Cdiff usr/src/man/man5/privileges.5

Print this page

7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (aslr)
7031 noexec_user_stack should be a secflag
7032 want a means to forbid mappings around NULL.


*** 570,579 ****
--- 570,590 ----
  .RE
  
  .sp
  .ne 2
  .na
+ \fB\PRIV_PROC_SECFLAGS\fR
+ .ad
+ .sp .6
+ .RS 4n
+ Allow a process to manipulate the secflags of processes (subject to,
+ additionally, the ability to signal that process).
+ .RE
+ 
+ .sp
+ .ne 2
+ .na
  \fB\fBPRIV_PROC_SESSION\fR\fR
  .ad
  .sp .6
  .RS 4n
  Allow a process to send signals or trace processes outside its session.