On Fri, 2005-01-28 at 11:38, Tom London wrote:
Running strict/enforcing, today's Rawhide.
Noticed the avcs below in the log.
I believe the java one may be from the sun JVM I have installed....
xscreensaver and helixplayer ones are new.
My understanding is that I need to set the boolean 'allow_execmod' to
allow this kind of thing (although nothing appears broken....)
Do I have that correct?
I think that the allow_execmod boolean only allows execmod permission to
files labeled with the new texrel_shlib_t type. Or at least that is
what it should do. Any existing occurrences of execmod permission in
the policy should be changed to use texrel_shlib_t now that it is
defined, and then any DSOs that require it should be relabeled to that
type.
--
Stephen Smalley <sds(a)epoch.ncsc.mil>
National Security Agency