Re: selinux and legacy "compat" application in FC5

To: For users of Fedora Core releases <fedora-list@xxxxxxxxxx>
Subject: Re: selinux and legacy "compat" application in FC5
From: Chris Jones <jonesc@xxxxxxxxxxxxxxxxx>
Date: Tue, 28 Mar 2006 10:34:33 +0100
In-reply-to: <e09tde$9kd$1@xxxxxxxxxxxxx>
Organization: University of Cambridge
References: <200603280020.11103.jonesc@xxxxxxxxxxxxxxxxx> <e09tde$9kd$1@xxxxxxxxxxxxx>
Reply-to: For users of Fedora Core releases <fedora-list@xxxxxxxxxx>
User-agent: Mozilla Thunderbird 1.0.7-1.4.1.SL3 (X11/20051013)


Look into the setsebool command and the allow_execheap boolean.


Thanks. That was the hint I needed. In the end I need to issue

 > setsebool allow_execheap=true allow_execmod=true

Before I make this change permanent, what the the security implicationsof this ?


cheers Chris

Follow-Ups:
- Re: selinux and legacy "compat" application in FC5
  - From: Paul Howarth

References:
- selinux and legacy "compat" application in FC5
  - From: Chris Jones
- Re: selinux and legacy "compat" application in FC5
  - From: Ian Pilcher