From: "Justin M. Forbes" <[email protected]> From https://www.paul-moore.com/blog/d/2020/06/linux_v57.html
"Deprecate setting â/sys/fs/selinux/checkreqprotâ to 1. This flag was originally created to deal with legacy userspace and the READ_IMPLIES_EXEC personality flag. We changed the default from 1 to 0 back in Linux v4.4 and now we are taking the next step of deprecating it, at some point in the future we will take the final step of rejecting 1." Signed-off-by: Justin M. Forbes <[email protected]> --- .../common/generic/CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/redhat/configs/common/generic/CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE b/redhat/configs/common/generic/CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE index 47810c7e452a..9fefaf319b27 100644 --- a/redhat/configs/common/generic/CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE +++ b/redhat/configs/common/generic/CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE @@ -1 +1 @@ -CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE=1 +CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE=0 -- 2.26.2 _______________________________________________ kernel mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/[email protected]
