-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Olivier Galibert wrote: > On Thu, Jan 17, 2008 at 01:48:42PM -0500, Daniel J Walsh wrote: >> <tunable name="allow_execmem" dftval="false"> >> <desc> >> <p> >> Allow unconfined executables to map a memory region as both executable >> and writable, this is dangerous and the executable should be reported in >> bugzilla") > > That should be "to map a file in a memory region", as UD's page > explains. Otherwise anyone who knows a little about dynamic > recompilers/JITs is gonna go "huh?". > > OG. > Bad cut and paste. The one I pasted was for allow_execmem. Where the definition is correct. java/mono apps are not confined by this, since they run under a different context. </tunable> <tunable name="allow_execmod" dftval="false"> <desc> <p> Allow all unconfined executables to use libraries requiring text relocation that are not labeled textrel_shlib_t") </p> </desc> </tunable> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.8 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iEYEARECAAYFAkeQqgMACgkQrlYvE4MpobMllACfbUExz5TnteGJqrtJVpg+p7q6 f0EAoOX4qBNtr/svMG28E8X6sLYnBW2F =tFNe -----END PGP SIGNATURE----- -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
