I want to turn on a part of the kernel to make SELinux checking more stringent.
Alek Paunov
alex at declera.com
Sat Jan 25 00:29:15 UTC 2014
On 24.01.2014 21:20, Daniel J Walsh wrote:
>>
> No, we pretty much allow executable stack/memory from user processes now and
> block it for most daemons, except for those that need it. My understanding of
> this change is that the kernel was not doing complete checking, but most apps
> at this point do the right thing. We will turn it on in Rawhide and through
> the beta. If we see problems we will revert. It is now a one line change in
>
SELinux newbie question: Where the daemons exception is actually
defined. My practical interest is: What should be added to LuaJIT [1] to
be able to run e.g. non-packaged web servers like [2]?
Thanks,
Alek
[1] http://pkgs.fedoraproject.org/cgit/luajit.git/plain/luajit.spec
[2] https://github.com/kernelsauce/turbo
More information about the devel
mailing list