Re: I want to turn on a part of the kernel to make SELinux checking more stringent.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 24.01.2014 21:20, Daniel J Walsh wrote:

No, we pretty much allow executable stack/memory from user processes now and
block it for most daemons, except for those that need it.  My understanding of
this change is that the kernel was not doing complete checking, but most apps
at this point do the right thing.  We will turn it on in Rawhide and through
the beta.  If we see problems we will revert.  It is now a one line change in


SELinux newbie question: Where the daemons exception is actually defined. My practical interest is: What should be added to LuaJIT [1] to be able to run e.g. non-packaged web servers like [2]?

Thanks,
Alek

[1] http://pkgs.fedoraproject.org/cgit/luajit.git/plain/luajit.spec
[2] https://github.com/kernelsauce/turbo

--
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct





[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux