[Mono-bugs] [Bug 77653][Nor] New - mono and SELinux don't get along too well

bugzilla-daemon at bugzilla.ximian.com bugzilla-daemon at bugzilla.ximian.com
Mon Feb 27 12:31:52 EST 2006

Please do not reply to this email- if you want to comment on the bug, go to the
URL shown below and enter your comments there.

Changed by rstrode at redhat.com.


--- shadow/77653	2006-02-27 12:31:52.000000000 -0500
+++ shadow/77653.tmp.6420	2006-02-27 12:31:52.000000000 -0500
@@ -0,0 +1,33 @@
+Bug#: 77653
+Product: Mono: Runtime
+Version: 1.1
+OS Details: 
+Status: NEW   
+Priority: Normal
+Component: misc
+AssignedTo: mono-bugs at ximian.com                            
+ReportedBy: rstrode at redhat.com               
+QAContact: mono-bugs at ximian.com
+TargetMilestone: ---
+Summary: mono and SELinux don't get along too well
+"mono requires execmem to run.  SELinux can not happen because the executable
+needs execment to even get started.
+Basically I get an execmem failure from unconfined_t before mono starts. 
+If I allow execmem in SELinux mono will transition to mono_t but I get an
+auditallow granted message for unconfined_t.
+ELF file has a RWE segment, which triggers the denial when the kernel ELF
+loader tries to mmap it with those protections, IIUC.  This happens prior
+to switching credentials, so it happens in the caller's context rather than
+the new domain. Build or code problem in mono."

More information about the mono-bugs mailing list