[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: SELinux removed from desktop cd spin?



On Fri, Jan 18, 2008 at 08:30:44AM -0500, Daniel J Walsh wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> Olivier Galibert wrote:
> > On Thu, Jan 17, 2008 at 01:48:42PM -0500, Daniel J Walsh wrote:
> >> <tunable name="allow_execmem" dftval="false">
> >> <desc>
> >> <p>
> >> Allow unconfined executables to map a memory region as both executable
> >> and writable, this is dangerous and the executable should be reported in
> >> bugzilla")
> > 
> > That should be "to map a file in a memory region", as UD's page
> > explains.  Otherwise anyone who knows a little about dynamic
> > recompilers/JITs is gonna go "huh?".
> > 
> >   OG.
> > 
> Bad cut and paste.  The one I pasted was for allow_execmem.  Where the
> definition is correct.

You mean Ulrich's page is incorrect then?  I indeed had noticed it was
about execmem.


> java/mono apps are not confined by this, since
> they run under a different context.

Java/Mono are not the only programs with dynamic code generators in
them.

  OG.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]