diff --git a/rootdir/init.rc b/rootdir/init.rc index b2b904b72..5aae3fba5 100644 --- a/rootdir/init.rc +++ b/rootdir/init.rc @@ -13,6 +13,9 @@ on early-init # Set init and its forked children's oom_adj. write /proc/1/oom_score_adj -1000 + # Apply strict SELinux checking of PROT_EXEC on mmap/mprotect calls. + write /sys/fs/selinux/checkreqprot 0 + # Set the security context for the init process. # This should occur before anything else (e.g. ueventd) is started. setcon u:r:init:s0