[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

selinux execmem and sigaltstack



Hi,

I am trying to figure out how to properly allocate memory for
sigaltstack in all cases. This is for MLton, which I maintain in Fedora.

Here is the problem: originally, MLton was not using PROT_EXEC for areas
of memory used with sigaltstack. This was causing parisc to fail, since
it uses trampolines on the stack.

http://mlton.org/pipermail/mlton/2004-December/026512.html

Now Fedora 9 tightens the default selinux booleans and by default
mprotect with PROT_EXEC will fail. I want to fix MLton upstream to work
correctly. Should I special case systems that require PROT_EXEC? Or is
there a more correct way to allocate memory for it?

Might this mean that sigaltstack() programs under SELinux on certain
architectures must run in unconfined_u:object_r:unconfined_execmem_exec_t ?



Thanks,

Adam

Attachment: signature.asc
Description: OpenPGP digital signature


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]