LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 12-25-2009, 07:19 AM   #1
StarsAndBars14
Member
 
Registered: Nov 2006
Location: Tennessee
Distribution: Fedora Core 12
Posts: 49

Rep: Reputation: 15
SELinux showing permissive type for firefox crash while set to enforcing


I have no idea what the hell happened, I was browsing the web and my firefox crashed on account of a call to "execmem."

Looking into the setroubleshoot logs, I see this:

Quote:
SELinux is preventing /usr/lib64/firefox-3.5.6/firefox "execmem" access.

Detailed Description:

[firefox has a permissive type (staff_t). This access was not denied.]

node=TechComm type=AVC msg=audit(1261746829.785:13538): avc: denied { execmem } for pid=3566 comm="firefox" scontext=staff_u:staff_r:staff_t:s0 tcontext=staff_u:staff_r:staff_t:s0 tclass=process

node=TechComm type=SYSCALL msg=audit(1261746829.785:13538): arch=c000003e syscall=10 success=yes exit=4294967424 a0=7f1d6e9da000 a1=1000 a2=5 a3=7fffff9c6300 items=0 ppid=3551 pid=3566 auid=500 uid=500 gid=500 euid=500 suid=500 fsuid=500 egid=500 sgid=500 fsgid=500 tty=(none) ses=1 comm="firefox" exe="/usr/lib64/firefox-3.5.6/firefox" subj=staff_u:staff_r:staff_t:s0 key=(null)
but looking at sestatus I see THIS:

Quote:
SELinux status: enabled
SELinuxfs mount: /selinux
Current mode: enforcing
Mode from config file: enforcing

Policy version: 24
Policy from config file: targeted
I seriously want to know what the hell is going on. I'm running 3.6.32-63.fc12 as my current policy - did policy get misconfigured during the last update, or is this . . . something else?

This is really weirding me out here. Help would be appreciated.
 
Old 01-01-2010, 08:44 AM   #2
carltm
Member
 
Registered: Jan 2007
Location: Canton, MI
Distribution: CentOS, SuSE, Red Hat, Debian, etc.
Posts: 697

Rep: Reputation: 93
I know that Red Hat EL by default has selinux enabled and enforcing, so
I usually change it to enabled and permissive. It wouldn't surprise me
if FC changed the default from permissive to enforcing, but I don't know
if that is what happened.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Mysqld won't start with Selinux enforcing turned on jdnow09 Linux - General 3 06-24-2009 01:37 PM
create linux group & user when SELinux enforcing kirukan Linux - Security 5 05-05-2009 02:44 PM
LXer: Sun Set to Bring SELinux Type Tech to Solaris LXer Syndicated Linux News 0 03-14-2008 09:12 PM
How to execute a Perl script in ~/.procmailrc with SELinux set to Enforcing? thomasz Linux - Security 1 03-14-2008 05:25 AM
Apache/PHP problems with Selinux enforcing.... maxie_fc3 Fedora 0 01-11-2005 07:40 AM


All times are GMT -5. The time now is 05:12 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration