No most likely the suid file should be fine with SELInux. Only a
confined user would
be prevented from using it.
On 04/20/2016 07:12 AM, Dave Love wrote:
I have a package to submit that has an suid binary. The packaging
guidelines say in that case you must
%global _hardened_build 1
and it turns on PIE/PIC. However, it doesn't do so on el6, at least.
Should flags be added by hand and, if so, exactly which?
Also, does an suid binary require something to be done for selinux? (I
know embarrassingly little about it, mainly working on HPC systems, for
which the instructions generally and unfortunately start with "turn off
selinx".)
--
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
http://lists.fedoraproject.org/admin/lists/devel@xxxxxxxxxxxxxxxxxxxxxxx
--
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
http://lists.fedoraproject.org/admin/lists/devel@xxxxxxxxxxxxxxxxxxxxxxx