-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 01/06/2013 06:55 PM, nonamedotc wrote: > Could anyone please shed some light on this selinux warning? > > SELinux is preventing /usr/bin/python2.7 from using the execmem access on > a process. > > Plugin: catchall you want to allow python2.7 to have execmem access on the > processIf you believe that python2.7 should be allowed execmem access on > processes labeled blueman_t by default. You should report this as a bug. > You can generate a local policy module to allow this access. Allow this > access for now by executing: # grep blueman-mechani > /var/log/audit/audit.log | audit2allow -M mypol # semodule -i mypol.pp > > > This selinux alert appears on every login. Thanks. > http://www.akkadia.org/drepper/selinux-mem.html execmem access is basically allowing an application to write and execute the same memory. This is required for most buffer overflow attacks. We prevent most confined applications from this access. Some tools need this kind of access, usually needed for JIT compiled apps like mono and java. But few applications actually need it. What avc did you get? Did you open a bugzilla with selinux-policy or bluman? -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux) Comment: Using GnuPG with undefined - http://www.enigmail.net/ iEYEARECAAYFAlDrCz0ACgkQrlYvE4MpobNFtwCguO2SfFhjqllesTm/cJjSXsk+ LLQAoL58MoZGm3DgYRBvZYsYPKzfEAa4 =FYNK -----END PGP SIGNATURE----- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
