[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

selinux execmem and sigaltstack


I am trying to figure out how to properly allocate memory for
sigaltstack in all cases. This is for MLton, which I maintain in Fedora.

Here is the problem: originally, MLton was not using PROT_EXEC for areas
of memory used with sigaltstack. This was causing parisc to fail, since
it uses trampolines on the stack.


Now Fedora 9 tightens the default selinux booleans and by default
mprotect with PROT_EXEC will fail. I want to fix MLton upstream to work
correctly. Should I special case systems that require PROT_EXEC? Or is
there a more correct way to allocate memory for it?

Might this mean that sigaltstack() programs under SELinux on certain
architectures must run in unconfined_u:object_r:unconfined_execmem_exec_t ?



Attachment: signature.asc
Description: OpenPGP digital signature

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]