crond execheap
Daniel J Walsh
dwalsh at redhat.com
Mon Feb 6 20:36:56 UTC 2006
Tom London wrote:
> Running latest rawhide, targeted/enforcing.
>
> I notice this in audit.log:
> ----
> type=SYSCALL msg=audit(02/05/2006 10:32:52.810:590) : arch=i386
> syscall=mprotect success=no exit=-13(Permission denied) a0=4b25000
> a1=6f000 a2=5 a3=bfd4d600 items=0 pid=7034 auid=unknown(4294967295)
> uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root
> fsgid=root comm=ld-linux.so.2 exe=/lib/ld-2.3.90.so
> type=AVC msg=audit(02/05/2006 10:32:52.810:590) : avc: denied {
> execheap } for pid=7034 comm=ld-linux.so.2
> scontext=system_u:system_r:crond_t:s0
> tcontext=system_u:system_r:crond_t:s0 tclass=process
> ----
>
>
This should not happen. Do you know what crond is generating this?
Nothing should be running ld-linus.so.2
Dan
> Not sure how to track this down further....
>
> tom
> --
> Tom London
>
> --
> fedora-selinux-list mailing list
> fedora-selinux-list at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-selinux-list
>
More information about the fedora-selinux-list
mailing list