On Wed, 2004-10-27 at 14:29, Russell Coker wrote: > > Legacy binaries have their mmap(PROT_READ) requests translated to > > PROT_READ|PROT_EXEC automatically by the kernel for backward > > compatibility. Not an SELinux issue; SELinux is just checking > > permissions based on what is being passed to it by the core kernel. > > So what is the solution? You might be able to use execstack -c to explicitly mark the legacy binary, or failing that, you have to rebuild it with a modern toolchain. -- Stephen Smalley <sds@xxxxxxxxxxxxxx> National Security Agency
