Hello. Kyle Moffett wrote: > Part of the reason that Fedora has a large quantity of that > restorecon and restorecond crap is that there is a certain amount of > broken binary software needing executable stack/heap (such as > flashplayer), programs without comprehensive or complete policies, or > programs which by definition need extra support for SELinux. I want to know how the kernel can know a request is coming from instructions from stack/heap memory. Is this executable stack/heap check is performed everytime by checking stack trace? Or, is this check performed just once when something mmap()-related requests occur? If the latter one, the kernel can't know a request is coming from instructions from stack/heap memory, can it?
Regards. - To unsubscribe from this list: send the line "unsubscribe linux-security-module" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
