Hello everybody
Forgive me, if this subject has already been mentioned here, but I
simply couldn't find answer anywhere.
Few days ago I started system-config-securitylevel. I found something
interesting in "Modify SELinux policies". A memory protection - there
are four options in there. Two of them are enabled, with a description
that if having this enabled is required by some program, it should be
reported to bugzilla. I didn't do it, because of very strange effects
after turning it off.
Disabling
"Allow all executable files to map memory areas as executable and
readable, which is dangerous and such program should be reported to
bugzilla"
and
"Allow all executable files to mark stack as executable.That shouldn't
ever be required"
option(translation from polish) made system act very strange. First
thing I've observed was that Kobo game stopped working. GMPC stopped
playing. Also stuff outside of Fedora like Java and NVidia drivers
failed. So I should have "reported to bugzilla" to many application to
make it have any sense. Such bug report would be only annoying but
according to system-config-securitylevel...
What is it with these two options? To make everything work properly they
should be enabled, but their description that they should be disabled is
confusing.
Thank you and forgive me any mess I've done by this post
--
Pozdrawiam - Kamil J. Dudek