Summary: | net-im/skype can be paxmarked | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Matthew Thode ( prometheanfire ) <prometheanfire> |
Component: | Current packages | Assignee: | Matthew Thode ( prometheanfire ) <prometheanfire> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | hardened |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 365825 | ||
Bug Blocks: |
Description
Matthew Thode ( prometheanfire )
2011-05-02 15:44:48 UTC
Not sure what and how you tested, but this has already been reported unworking... *** This bug has been marked as a duplicate of bug 302589 *** Samuli, I don't think it is a duplicate although they are heavily related, looks like skype removed the integrity checking code somehow as it works well now. I think we should keep this one for the discussion regarding adding the pax marking on the ebuild. Assigning to the proper people I can also confirm this bug. I have used paxctl -Cm /opt/skype/skype for over 2 months and it works for me. I use skype for over a year now on my hardened/SELinux/PaX-enabled system without problems. My skype.postinst contains "paxctl -Cme /opt/skype/skype", I'll test without the "-e" later. `paxctl -Cm /opt/skype/skype` works fine for me too on net-im/skype-2.2.0.35-r1, no needs in EMUTRAMP. ARCH x86. Any chance this paxmarking will be added into ebuild, to let me drop /etc/portage/bashrc.d/net-im/skype.postinst hack? Current ebuild actually inherit pax-utils but doesn't use it. I'll see about working on this (was off my radar since it was opened before devship). it is net-im/skype-2.2.0.35-r1 in the tree, please test |