I want to turn on a part of the kernel to make SELinux checking more stringent.
alex at declera.com
Sat Jan 25 00:29:15 UTC 2014
On 24.01.2014 21:20, Daniel J Walsh wrote:
> No, we pretty much allow executable stack/memory from user processes now and
> block it for most daemons, except for those that need it. My understanding of
> this change is that the kernel was not doing complete checking, but most apps
> at this point do the right thing. We will turn it on in Rawhide and through
> the beta. If we see problems we will revert. It is now a one line change in
SELinux newbie question: Where the daemons exception is actually
defined. My practical interest is: What should be added to LuaJIT  to
be able to run e.g. non-packaged web servers like ?
More information about the devel