realplayer
Stephen Smalley
sds at epoch.ncsc.mil
Wed Oct 27 18:30:16 UTC 2004
On Wed, 2004-10-27 at 14:29, Russell Coker wrote:
> > Legacy binaries have their mmap(PROT_READ) requests translated to
> > PROT_READ|PROT_EXEC automatically by the kernel for backward
> > compatibility. Not an SELinux issue; SELinux is just checking
> > permissions based on what is being passed to it by the core kernel.
>
> So what is the solution?
You might be able to use execstack -c to explicitly mark the legacy
binary, or failing that, you have to rebuild it with a modern toolchain.
--
Stephen Smalley <sds at epoch.ncsc.mil>
National Security Agency
More information about the fedora-selinux-list
mailing list