execmod avcs from today's policy
Ivan Gyurdiev
ivg2 at cornell.edu
Sat Jan 29 17:42:20 UTC 2005
> However, existing code/applications do funny things with such memory
> mapped regions (like writing one word, like relocating, like ....), so
> we get these AVCs for them.
But that's a different kind of execmod denial than others I've seen -
I thought libs with text relocations all had this TEXTREL tag...
[phantom at cobra ~]$ readelf -d /usr/lib/libSDL-1.2.so.0.7.0|grep TEXTREL
0x00000016 (TEXTREL) 0x0
--
Ivan Gyurdiev <ivg2 at cornell.edu>
Cornell University
More information about the fedora-selinux-list
mailing list