StarsAndBars14 |
12-25-2009 07:19 AM |
SELinux showing permissive type for firefox crash while set to enforcing
I have no idea what the hell happened, I was browsing the web and my firefox crashed on account of a call to "execmem."
Looking into the setroubleshoot logs, I see this:
Quote:
SELinux is preventing /usr/lib64/firefox-3.5.6/firefox "execmem" access.
Detailed Description:
[firefox has a permissive type (staff_t). This access was not denied.]
node=TechComm type=AVC msg=audit(1261746829.785:13538): avc: denied { execmem } for pid=3566 comm="firefox" scontext=staff_u:staff_r:staff_t:s0 tcontext=staff_u:staff_r:staff_t:s0 tclass=process
node=TechComm type=SYSCALL msg=audit(1261746829.785:13538): arch=c000003e syscall=10 success=yes exit=4294967424 a0=7f1d6e9da000 a1=1000 a2=5 a3=7fffff9c6300 items=0 ppid=3551 pid=3566 auid=500 uid=500 gid=500 euid=500 suid=500 fsuid=500 egid=500 sgid=500 fsgid=500 tty=(none) ses=1 comm="firefox" exe="/usr/lib64/firefox-3.5.6/firefox" subj=staff_u:staff_r:staff_t:s0 key=(null)
|
but looking at sestatus I see THIS:
Quote:
SELinux status: enabled
SELinuxfs mount: /selinux
Current mode: enforcing
Mode from config file: enforcing
Policy version: 24
Policy from config file: targeted
|
I seriously want to know what the hell is going on. I'm running 3.6.32-63.fc12 as my current policy - did policy get misconfigured during the last update, or is this . . . something else?
This is really weirding me out here. Help would be appreciated.
|