firefox and /usr/tmp

Tom London selinux at
Thu Dec 2 02:58:51 UTC 2004

Running strict/enforcing, latest Rawhide,

Starting firefox produces:

Dec  1 18:49:33 fedora kernel: audit(1101955773.849:0): avc:  denied 
{ read } for  pid=4652 exe=/usr/lib/firefox-1.0/firefox-bin name=tmp
dev=hda2 ino=4112455 scontext=user_u:user_r:user_mozilla_t
tcontext=system_u:object_r:tmp_t tclass=lnk_file

on attempted read of /usr/tmp (link to /var/tmp)

Should there be a 
dontaudit user_mozilla_t tmp_t:lnk_file read;
in mozilla_macros.te ?
Tom London

More information about the fedora-selinux-list mailing list