[PATCH] selinux: add executable heap check

This patch,based on sample code by Roland McGrath, adds an execheap permission check that controls the ability to make the heap executable so that this can be prevented in almost all cases (the X server is presently an exception, but this will hopefully be resolved in the future) so that even programs with execmem permission will need to have the anonymous memory mapped in order to make it executable. The only reason that we use a permission check for such restriction (vs. making it unconditional) is that the X module loader presently needs it; it could possibly be made unconditional in the future when X is changed. The policy patch for the execheap permission is available at: http://pearls.tuxedo-es.org/patches/selinux/policy-execheap.patch Signed-off-by: Lorenzo Hernandez Garcia-Hierro <lorenzo@gnu.org> Acked-by: James Morris <jmorris@redhat.com> Acked-by: Stephen Smalley <sds@tycho.nsa.gov> Cc: Ingo Molnar <mingo@elte.hu> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2025-06-17 20:25:19 +00:00 · 2005-06-25 14:54:35 -07:00 · 2005-06-25 14:54:35 -07:00 · 09ffd94fb1
commit 09ffd94fb1
parent 6b9921976f
3 changed files with 13 additions and 0 deletions
--- a/security/selinux/include/av_perm_to_string.h
+++ b/security/selinux/include/av_perm_to_string.h
@ -71,6 +71,7 @@
   S_(SECCLASS_PROCESS, PROCESS__SETCURRENT, "setcurrent")
   S_(SECCLASS_PROCESS, PROCESS__EXECMEM, "execmem")
   S_(SECCLASS_PROCESS, PROCESS__EXECSTACK, "execstack")
+   S_(SECCLASS_PROCESS, PROCESS__EXECHEAP, "execheap")
   S_(SECCLASS_MSGQ, MSGQ__ENQUEUE, "enqueue")
   S_(SECCLASS_MSG, MSG__SEND, "send")
   S_(SECCLASS_MSG, MSG__RECEIVE, "receive")