[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

A question about allow_unconfined_mmap_low in f11 amd selinux



For people running wine or Crossover and using MS Office 2003 and related codes
it is necessary to do:
# setsebool -P allow_unconfined_mmap_low 1
To prevent AVC denials.

However there is recent publicity at 
http://www.theregister.co.uk/2009/11/03/linux_kernel_vulnerability/
which highlights that there is still a vulnerability in the kernel if this is
set.

For people running f11 with this boolean set how can one run wine and still
remain secure? i.e. what should an admin do to protect the system?


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]