I want to turn on a part of the kernel to make SELinux checking more stringent.

Alek Paunov alex at declera.com
Sat Jan 25 00:29:15 UTC 2014

On 24.01.2014 21:20, Daniel J Walsh wrote:
> No, we pretty much allow executable stack/memory from user processes now and
> block it for most daemons, except for those that need it.  My understanding of
> this change is that the kernel was not doing complete checking, but most apps
> at this point do the right thing.  We will turn it on in Rawhide and through
> the beta.  If we see problems we will revert.  It is now a one line change in

SELinux newbie question: Where the daemons exception is actually 
defined. My practical interest is: What should be added to LuaJIT [1] to 
be able to run e.g. non-packaged web servers like [2]?


[1] http://pkgs.fedoraproject.org/cgit/luajit.git/plain/luajit.spec
[2] https://github.com/kernelsauce/turbo

More information about the devel mailing list