Re: [FC3] kernel panic after selinux-policy-targeted update

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, 2005-06-29 at 12:12 -0300, Mart�Marqu�wrote:
> Shouldn't the update of selinux-policy-targeted force a kernel update to 
> -1.35_FC3?

The problem with older kernels wasn't known at the time, and we still
aren't sure what is causing the pervasive execmod problem in the older
kernels.  The SELinux code itself should be the same, so it seems to be
a side effect of some kernel patch that changed between -1.27 and -1.35.
Now, there will still be some execmod denials with -1.35 and the policy
needs some changes to address those denials, but those are limited to
actual cases where you have a text relocation (e.g. gpg, acroread, ...),
not programs like /sbin/init.  

-- 
Stephen Smalley
National Security Agency


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux