I've got the java wants to write, and execmem errors. audit2allow gives me this: allow httpd_sys_script_t nfs_t:file { execute execute_no_trans }; allow httpd_sys_script_t self:process { execmem getsched }; allow httpd_sys_script_t usr_t:file { execute execute_no_trans };
What would be the impact of implementing this policy on a server visible to the world? Would it open up some huge, known hole?
mark