wiki:FutureHaiku/Security

Version 4 (modified by waddlesplash, 6 years ago)

Low-Hanging Fruit

  • Audit filesystem privilege checks
  • Audit permissions of all folders in the default install
  • Audit all syscalls & ioctls (_control) for privilege checks
    • _area functions probably need a lot of thinking here
  • Run the userland as a non-privileged user
  • Fuzz all in-tree parsers
    • driver settings format
    • message
    • rdef

Moderate

  • W^X (now done for kernelspace)
  • Don't allow opening files by inode (requires ABI break)
  • devfs filemodes
  • Spectre mitigations via GCC flags

Advanced
