diff options
| author | Richard Lowe <richlowe@richlowe.net> | 2014-04-16 02:39:14 +0100 |
|---|---|---|
| committer | Richard Lowe <richlowe@richlowe.net> | 2016-10-15 12:02:16 -0400 |
| commit | d2a70789f056fc6c9ce3ab047b52126d80b0e3da (patch) | |
| tree | bcf5eedbc5aeec80cac59ea37052e3b87108c253 /exception_lists | |
| parent | 8ab1c3f559468e655c4eb8acce993320403dd72b (diff) | |
| download | illumos-joyent-d2a70789f056fc6c9ce3ab047b52126d80b0e3da.tar.gz | |
7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (ASLR)
7031 noexec_user_stack should be a security-flag
7032 want a means to forbid mappings around NULL
Reviewed by: Robert Mustacchi <rm@joyent.com>
Reviewed by: Josef 'Jeff' Sipek <jeffpc@josefsipek.net>
Reviewed by: Patrick Mooney <pmooney@joyent.com>
Approved by: Dan McDonald <danmcd@omniti.com>
Diffstat (limited to 'exception_lists')
| -rw-r--r-- | exception_lists/check_rtime | 1 | ||||
| -rw-r--r-- | exception_lists/manlint | 5 |
2 files changed, 6 insertions, 0 deletions
diff --git a/exception_lists/check_rtime b/exception_lists/check_rtime index 75782315c7..306ef3fe63 100644 --- a/exception_lists/check_rtime +++ b/exception_lists/check_rtime @@ -72,6 +72,7 @@ EXEC_DATA ^platform/.*/multiboot$ # Objects that are allowed to have an executable stack EXEC_STACK ^platform/.*/MACH(kernel)/unix$ EXEC_STACK ^platform/.*/multiboot$ +EXEC_STACK ^opt/os-tests/tests/secflags/stacky$ # Objects for which we allow relocations to the text segment TEXTREL ^platform/.*/MACH(kernel)/unix$ diff --git a/exception_lists/manlint b/exception_lists/manlint index f6ced61996..5982ac5cec 100644 --- a/exception_lists/manlint +++ b/exception_lists/manlint @@ -12,3 +12,8 @@ # Copyright 2016 Toomas Soome <tsoome@me.com> # usr/src/boot/* +# Not actually a manual page +usr/src/cmd/svc/dtd/service_bundle.dtd.1 +usr/src/lib/libbsm/adt_record.dtd.1 +usr/src/lib/libbsm/adt_record.xsl.1 +usr/src/lib/libzonecfg/dtd/zonecfg.dtd.1 |