Red Hat Bugzilla – Bug 196877
gaim2 needs to be mono_exec_t
Last modified: 2007-11-30 17:11:36 EST
With gaim2, there's the possibility of writing plugins in C#. This then means
that we end up needing to label /usr/bin/gaim as mono_exec_t for execmem permissions
This does scare me a little, though, as given gaim's less than stellar security
record, I'm not 100% sure that we really want to be doing this. Thoughts?
Adding Bressers, who may have security related opinions on this matter.
Gaim has had a fairly decent security track record as of late, but this still
worries me. Could it be possible to have the first packaged plugin that needs
this to set the label?
I imagine most gaim users do not install random plugins, which would make this
change more secuirty risk than feature.
For now Jeremy recommended that we disable mono in our build temporarily until
we decide, or come up with a better solution.
I don't care either way, as I disable selinux by default.
Upstream says that mono support is currently very non-functional, so it is
probably a good idea that we have this disabled for now anyway.