#738: ghc can't load files with selinux Enforcing
----------------------------------------+-----------------------------------
Reporter: [EMAIL PROTECTED] | Owner:
Type: feature request | Status: reopened
Priority: normal | Milestone: 6.10 branch
Component: Runtime System | Version: 6.6.1
Severity: normal | Resolution:
Keywords: selinux | Difficulty: Unknown
Testcase: | Architecture: x86
Os: Linux |
----------------------------------------+-----------------------------------
Comment (by duncan):
I think the point is that there is no area of memory that is both writable
and executable at the same time. Apparently common stack/heap overflow
exploits rely on this. I guess the idea is that some exploits rely on
being able to trick the program they are attacking into writing some bit
of memory and then running from it, but the attacker is not able to trick
the program into making system calls to change memory protection.
There is still the issue that the attacker could work out the two
addresses where the same physical memory is available with different
protections but this is probably harder, especially with mmap address
randomisation.
Other systems that use libffi will also have this problem with selinux so
it might be worth seeing how they do it.
--
Ticket URL: <http://hackage.haskell.org/trac/ghc/ticket/738#comment:16>
GHC <http://www.haskell.org/ghc/>
The Glasgow Haskell Compiler
_______________________________________________
Glasgow-haskell-bugs mailing list
[email protected]
http://www.haskell.org/mailman/listinfo/glasgow-haskell-bugs
