Mike Cloaked <mike.cloaked <at> gmail.com> writes: > > Daniel J Walsh <dwalsh <at> redhat.com> writes: > > > > > On 11/04/2009 10:23 AM, mike cloaked wrote: > > > > By "moving forward" do you mean that one can, in f11, reset the > > > original boolean and set boolean mmap_low_allowed instead, in a > > > forthcoming policy update? > > > > > > Or is this a planned change coming for f12 but not yet policy in > > > earlier versions? > > > > > > Thanks > > > > > We have setroubleshoot plugins that explain exactly to the users what > they need to do to turn make their wine > > apps run. > > > > Does the dereference fix in kernel-2.6.30.9-96.fc11 address the issue raised > here or have I got this wrong? > I am somewhat confused by the following - I thought that if mmap_min_addr was >0 then you are not vulnerable. I also thought that installing wine, OR Crossover would set it to zero. I have Crossover installed and not wine, and just checked: [mike@home1 ~]$ cat /proc/sys/vm/mmap_min_addr 65536 This is an f11 box. I also set the boolean by doing # setsebool -P allow_unconfined_mmap_low 1 Now I have lost track whether this means I am vulnerable or not? I understand that installing wine would set mmap_min_addr to zero and make the machine vulnerable but can someone clarify so that I no longer confused? Thanks. -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
