Interesting reading on exec* access checks.
Yuichi Nakamura
himainu-ynakam at miomio.jp
Mon Dec 12 17:03:37 UTC 2005
Daniel J Walsh wrote:
> http://people.redhat.com/drepper/selinux-mem.html
I have basic question about these permissions.
Fedora Core already have "Exec Shield" to prevent execution of malicious code on memory.
I can not understand relationship between exec shield and these permissions.
What is good point of these permissions?
In other words,
I would like to know
"Attack that can not be prevented by exec shield,
but can be prevented by these permissions(exec* permissions)".
Does anyone know ?
Yuichi Nakamura
More information about the fedora-selinux-list
mailing list