AVC everytime I launch a tab in firefox from gnome-terminal
Daniel J Walsh
dwalsh at redhat.com
Mon Apr 14 19:37:14 UTC 2008
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Chuck Anderson wrote:
> On Fri, Apr 11, 2008 at 11:15:09AM -0400, Chuck Anderson wrote:
>> Every time I launch a tab from a URL in gnome-terminal, I get this
>> AVC:
>>
>> Hmm why is this program set-uid root?
>>
>>> ls -l /usr/lib/nspluginwrapper/plugin-config
>> -rwsr-xr-x 1 root root 60048 2008-03-11 10:02 /usr/lib/nspluginwrapper/plugin-config*
>>
>> host=dustpuppy.wpi.edu type=AVC msg=audit(1207926134.511:4168): avc:
>> denied { execstack } for pid=30324 comm="plugin-config"
>> scontext=unconfined_u:unconfined_r:nsplugin_config_t:s0-s0:c0.c1023
>> tcontext=unconfined_u:unconfined_r:nsplugin_config_t:s0-s0:c0.c1023
>> tclass=process
>
> I opened a bug on nspluginwrapper to get some questions answered:
>
> https://bugzilla.redhat.com/show_bug.cgi?id=442065
>
> --
> fedora-selinux-list mailing list
> fedora-selinux-list at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-selinux-list
This is probably caused by some evil/badly written plugin
If you turn on the allow_nsplugin_execmem boolean, the app should work.
setsebool -P allow_nsplugin_execmem=1
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
iEYEARECAAYFAkgDsmoACgkQrlYvE4MpobOT/wCfdOtXYbfDUROz1zr4o1xNy4YK
mwwAn1b872R1MyLoHeZyjrEA40+KBQ61
=0bi/
-----END PGP SIGNATURE-----
More information about the fedora-selinux-list
mailing list