This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author christian.heimes
Recipients arigo, christian.heimes, eryksun
Date 2016-09-03.10:07:27
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1472897248.23.0.810503651354.issue25653@psf.upfronthosting.co.za>
In-reply-to
Content 
Thanks Armin,

I didn't know that your reported the bug in bugs.python.org until today. Last year Armin and I spent a good amount of time to analyse the situation. Armin was able to come up with a different callback implementation for cffi that that does not use W/X memory mappings.

The problem affects mod_wsgi applications on SELinux systems (Fedora, CentOS, RHEL). For security reasons SELinux prevents Apache HTTPD to have writeable and executable memory pages. FFI callbacks with dynamic closures either require the fd workaround (which is buggy) or the application segfaults.

https://bugzilla.redhat.com/show_bug.cgi?id=1277224
https://bugzilla.redhat.com/show_bug.cgi?id=1337141
https://bugzilla.redhat.com/show_bug.cgi?id=1249685
History
Date User Action Args
2016-09-03 10:07:28christian.heimessetrecipients: + christian.heimes, arigo, eryksun
2016-09-03 10:07:28christian.heimessetmessageid: <1472897248.23.0.810503651354.issue25653@psf.upfronthosting.co.za>
2016-09-03 10:07:28christian.heimeslinkissue25653 messages
2016-09-03 10:07:27christian.heimescreate