... | ... | @@ -33,4 +33,74 @@ The following applications need special handling with respect to exploit mitigat |
|
|
mprotect: false,
|
|
|
pageexec: false,
|
|
|
]
|
|
|
} |
|
|
\ No newline at end of file |
|
|
}
|
|
|
|
|
|
## Java
|
|
|
### Incompatibilities
|
|
|
* PAGEEXEC
|
|
|
* MPROTECT
|
|
|
|
|
|
### secadm rules
|
|
|
{
|
|
|
"path": "/usr/local/openjdk7/bin/appletviewer",
|
|
|
"features": {
|
|
|
"mprotect": false,
|
|
|
"pageexec": false,
|
|
|
},
|
|
|
},
|
|
|
{
|
|
|
"path": "/usr/local/openjdk7/bin/java",
|
|
|
"features": {
|
|
|
"mprotect": false,
|
|
|
"pageexec": false,
|
|
|
},
|
|
|
},
|
|
|
{
|
|
|
"path": "/usr/local/openjdk7/bin/javac",
|
|
|
"features": {
|
|
|
"mprotect": false,
|
|
|
"pageexec": false,
|
|
|
},
|
|
|
},
|
|
|
{
|
|
|
"path": "/usr/local/openjdk8/bin/java",
|
|
|
"features": {
|
|
|
"mprotect": false,
|
|
|
"pageexec": false,
|
|
|
},
|
|
|
},
|
|
|
{
|
|
|
"path": "/usr/local/openjdk8/bin/javac",
|
|
|
"features": {
|
|
|
"mprotect": false,
|
|
|
"pageexec": false,
|
|
|
},
|
|
|
},
|
|
|
{
|
|
|
"path": "/usr/local/openjdk8/jre/bin/java",
|
|
|
"features": {
|
|
|
"mprotect": false,
|
|
|
"pageexec": false,
|
|
|
},
|
|
|
},
|
|
|
{
|
|
|
"path": "/usr/local/openjdk7/jre/bin/java",
|
|
|
"features": {
|
|
|
"mprotect": false,
|
|
|
"pageexec": false,
|
|
|
},
|
|
|
},
|
|
|
{
|
|
|
"path": "/usr/local/bin/mongo"
|
|
|
"features": {
|
|
|
"mprotect": false,
|
|
|
"pageexec": false,
|
|
|
},
|
|
|
},
|
|
|
{
|
|
|
"path": "/usr/local/bin/mongod"
|
|
|
"features": {
|
|
|
"mprotect": false,
|
|
|
"pageexec": false,
|
|
|
},
|
|
|
}, |
|
|
\ No newline at end of file |