[Mono-bugs] [Bug 77653][Nor] New - mono and SELinux don't get along
too well
bugzilla-daemon at bugzilla.ximian.com
bugzilla-daemon at bugzilla.ximian.com
Mon Feb 27 12:31:52 EST 2006
Please do not reply to this email- if you want to comment on the bug, go to the
URL shown below and enter your comments there.
Changed by rstrode at redhat.com.
http://bugzilla.ximian.com/show_bug.cgi?id=77653
--- shadow/77653 2006-02-27 12:31:52.000000000 -0500
+++ shadow/77653.tmp.6420 2006-02-27 12:31:52.000000000 -0500
@@ -0,0 +1,33 @@
+Bug#: 77653
+Product: Mono: Runtime
+Version: 1.1
+OS:
+OS Details:
+Status: NEW
+Resolution:
+Severity:
+Priority: Normal
+Component: misc
+AssignedTo: mono-bugs at ximian.com
+ReportedBy: rstrode at redhat.com
+QAContact: mono-bugs at ximian.com
+TargetMilestone: ---
+URL:
+Cc:
+Summary: mono and SELinux don't get along too well
+
+From
+
+https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=182965
+
+"mono requires execmem to run. SELinux can not happen because the executable
+needs execment to even get started.
+
+Basically I get an execmem failure from unconfined_t before mono starts.
+If I allow execmem in SELinux mono will transition to mono_t but I get an
+auditallow granted message for unconfined_t.
+
+ELF file has a RWE segment, which triggers the denial when the kernel ELF
+loader tries to mmap it with those protections, IIUC. This happens prior
+to switching credentials, so it happens in the caller's context rather than
+the new domain. Build or code problem in mono."
More information about the mono-bugs
mailing list