Re: SELinux removed from desktop cd spin?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Fri, Jan 18, 2008 at 08:30:44AM -0500, Daniel J Walsh wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> Olivier Galibert wrote:
> > On Thu, Jan 17, 2008 at 01:48:42PM -0500, Daniel J Walsh wrote:
> >> <tunable name="allow_execmem" dftval="false">
> >> <desc>
> >> <p>
> >> Allow unconfined executables to map a memory region as both executable
> >> and writable, this is dangerous and the executable should be reported in
> >> bugzilla")
> > 
> > That should be "to map a file in a memory region", as UD's page
> > explains.  Otherwise anyone who knows a little about dynamic
> > recompilers/JITs is gonna go "huh?".
> > 
> >   OG.
> > 
> Bad cut and paste.  The one I pasted was for allow_execmem.  Where the
> definition is correct.

You mean Ulrich's page is incorrect then?  I indeed had noticed it was
about execmem.


> java/mono apps are not confined by this, since
> they run under a different context.

Java/Mono are not the only programs with dynamic code generators in
them.

  OG.

-- 
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-devel-list

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux