-   Linux - Security (
-   -   SELinux showing permissive type for firefox crash while set to enforcing (

StarsAndBars14 12-25-2009 07:19 AM

SELinux showing permissive type for firefox crash while set to enforcing
I have no idea what the hell happened, I was browsing the web and my firefox crashed on account of a call to "execmem."

Looking into the setroubleshoot logs, I see this:


SELinux is preventing /usr/lib64/firefox-3.5.6/firefox "execmem" access.

Detailed Description:

[firefox has a permissive type (staff_t). This access was not denied.]

node=TechComm type=AVC msg=audit(1261746829.785:13538): avc: denied { execmem } for pid=3566 comm="firefox" scontext=staff_u:staff_r:staff_t:s0 tcontext=staff_u:staff_r:staff_t:s0 tclass=process

node=TechComm type=SYSCALL msg=audit(1261746829.785:13538): arch=c000003e syscall=10 success=yes exit=4294967424 a0=7f1d6e9da000 a1=1000 a2=5 a3=7fffff9c6300 items=0 ppid=3551 pid=3566 auid=500 uid=500 gid=500 euid=500 suid=500 fsuid=500 egid=500 sgid=500 fsgid=500 tty=(none) ses=1 comm="firefox" exe="/usr/lib64/firefox-3.5.6/firefox" subj=staff_u:staff_r:staff_t:s0 key=(null)
but looking at sestatus I see THIS:


SELinux status: enabled
SELinuxfs mount: /selinux
Current mode: enforcing
Mode from config file: enforcing

Policy version: 24
Policy from config file: targeted
I seriously want to know what the hell is going on. I'm running 3.6.32-63.fc12 as my current policy - did policy get misconfigured during the last update, or is this . . . something else?

This is really weirding me out here. Help would be appreciated.

carltm 01-01-2010 08:44 AM

I know that Red Hat EL by default has selinux enabled and enforcing, so
I usually change it to enabled and permissive. It wouldn't surprise me
if FC changed the default from permissive to enforcing, but I don't know
if that is what happened.

All times are GMT -5. The time now is 09:42 PM.