Opened 13 years ago
Last modified 13 years ago
#1043 reopened Defect
does boinc really need execmem selinux privileges?
| Reported by: | mjakubicek | Owned by: | davea |
|---|---|---|---|
| Priority: | Undetermined | Milestone: | Undetermined |
| Component: | Client - Daemon | Version: | 6.10.58 |
| Keywords: | Cc: | mjakubicek |
Description
Please have a look at https://bugzilla.redhat.com/show_bug.cgi?id=665453.
In short: boinc project already have the execmem privilege, now it looks like even boinc needs it, which seems to be a bug.
Change History (6)
comment:1 Changed 13 years ago by
| Resolution: | → wontfix |
|---|---|
| Status: | new → closed |
comment:2 Changed 13 years ago by
| Resolution: | wontfix |
|---|---|
| Status: | closed → reopened |
It would be a problem with the Red Hat installer if the privilege was needed and it wasn't being granted. The question is if BOINC needs it.
"the boinc developers/packagers should explain why it needs this access or fix it so it does not"
comment:3 Changed 13 years ago by
Nicolas, thanks, that's exactly the problem, so let me repeat it:
It is not a problem to grant the privileges for BOINC, but there seems to be no reason for BOINC (note: boinc client, NOT the boinc app) to have it.
comment:4 Changed 13 years ago by
ping -- could somebody please explain? please refer to http://www.akkadia.org/drepper/selinux-mem.html for possible causes.
comment:5 Changed 13 years ago by
Do you still get the error? Can you get a backtrace from the system call that triggered the SELinux check?
comment:6 Changed 13 years ago by
AFAIK, nothing in BOINC (manager, client, or applications) uses PROT_EXEC anywhere, so they don't need the execmem privilege.
What exactly is the problem here? Nothing in BOINC uses SELinux features.
seems like an issue with the Red Hat installer, not w/ BOINC