allow_execstack

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Look what I've found regarding stack execution:

=======================================================================
execstack :: As the name suggests, this error is raised if a program tries to make its stack (or parts thereof) executable with an mprotect call. This should never, ever be necessary. Stack memory is not executable on most OSes these days and this won't change. Executable stack memory is one of the biggest security problems. An execstack error might in fact be most likely raised by malicious code.

http://people.redhat.com/drepper/selinux-mem.html
=======================================================================

$ cat /selinux/booleans/allow_execstack
1 1
$ cat /etc/redhat-release
Fedora release 10 (Cambridge)

I haven't changed this setting manually since system install so I guess this is a bug in the Fedora policy?

BTW what does the 1st "1", and what does the 2nd "1" in /selinux/booleans/allow_execstack stand for?

Thanks!
STF

=======================================================================
http://eisenbits.homelinux.net/~stf/
OpenPGP: DFD9 0146 3794 9CF6 17EA  D63F DBF5 8AA8 3B31 FE8A
=======================================================================

--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list

[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux