Lines 40-46
enum {
Link Here
|
40 |
* Security-relevant compatibility flags that must be |
40 |
* Security-relevant compatibility flags that must be |
41 |
* cleared upon setuid or setgid exec: |
41 |
* cleared upon setuid or setgid exec: |
42 |
*/ |
42 |
*/ |
43 |
-#define PER_CLEAR_ON_SETID (READ_IMPLIES_EXEC|ADDR_NO_RANDOMIZE) |
43 |
-#define PER_CLEAR_ON_SETID (READ_IMPLIES_EXEC|ADDR_NO_RANDOMIZE) |
44 |
+#define PER_CLEAR_ON_SETID |
44 |
+#define PER_CLEAR_ON_SETID |
45 |
(READ_IMPLIES_EXEC|ADDR_NO_RANDOMIZE|ADDR_COMPAT_LAYOUT|MMAP_PAGE_ZERO) |
45 |
(READ_IMPLIES_EXEC|ADDR_NO_RANDOMIZE|ADDR_COMPAT_LAYOUT|MMAP_PAGE_ZERO) |
46 |
/* |
46 |
/* |
47 |
|
47 |
|