GIMP help shouldn't need execstack, should it?
Göran Uddeborg
goeran at uddeborg.se
Sat Jan 8 15:49:11 UTC 2011
Dominick Grift:
> JIT indeed is know to atleast "execmem", but i am not sure if the same
> applies to "execstack"
It appears not. My inital guesses about execstack seems to have been
wrong. But for some reason, enabling alllow_execstack ALSO makes the
help browser work.
> I think that help-browser needs to be labelled execmem_exec_t, see if
> that works for you.
It does.
> If it does then consider reporting it to selinux-policy
Done: https://bugzilla.redhat.com/show_bug.cgi?id=668162
> 4. i think JIT compilers generally need execmem, and that this from that
> perspective is not a bug.
Understood. I guess any using webkitgtk could need it then. But
there isn't any way to enable it for all using the library, but just
inside the library, is there?
More information about the selinux
mailing list