selinux now causing trouble with seamonkey

Jim Cornette fct-cornette at insight.rr.com
Tue Feb 12 23:52:57 UTC 2008 

Antonio Olivares wrote:
> 
> I do not want to have a compromised system, but I am
> getting tired of the exec stack stuff appearing just
> about everytime I start firefox and now seamonkey as
> well.  Should I also file a bug against seamonkey for
> using the stack?
> 
> Regards,
> 
> Antonio 
> 

Like I mentioned before, the only site that I experienced the error on 
is news.aol.com - I did not add anything to any rules for SELinux so I 
would expect your system has a badly acting plug-in as was suggested by 
others. Yahoo did not seem to cause problems for me, but I do not use 
yahoo or have an account for the service.

The difference for me is seamonkey used to crash. It now keeps on 
logging denials. Firefox does crash on the same site as seamonkey used 
to crash on.

If you temporarily change your homepage to another location and bring up 
firefox or seamonkey does it crash or load successfully?

Maybe it is a bug with the browsers. I do not know, but it is not severe 
on my system.

The news.aol.com site generated the below raw messages for firefox.

Raw Audit Messages :host=HP-JCF7 type=AVC 
msg=audit(1202781770.462:1241): avc: denied { execmem } for pid=16598 
comm="firefox" scontext=unconfined_u:unconfined_r:unconfined_t:s0 
tcontext=unconfined_u:unconfined_r:unconfined_t:s0 tclass=process 
host=HP-JCF7 type=SYSCALL msg=audit(1202781770.462:1241): arch=40000003 
syscall=125 success=no exit=-13 a0=b2f51000 a1=1000 a2=5 a3=bfc5f21c 
items=0 ppid=16584 pid=16598 auid=500 uid=500 gid=500 euid=500 suid=500 
fsuid=500 egid=500 sgid=500 fsgid=500 tty=(none) comm="firefox" 
exe="/usr/lib/firefox-3.0b4pre/firefox" 
subj=unconfined_u:unconfined_r:unconfined_t:s0 key=(null)

For seamonkey news.aol.com repeatedly produces the below.

Line Numbers:  Raw Audit Messages :host=HP-JCF7 type=AVC 
msg=audit(1202860251.355:818): avc: denied { execmem } for pid=23617 
comm="seamonkey-bin" scontext=unconfined_u:unconfined_r:unconfined_t:s0 
tcontext=unconfined_u:unconfined_r:unconfined_t:s0 tclass=process 
host=HP-JCF7 type=SYSCALL msg=audit(1202860251.355:818): arch=40000003 
syscall=125 success=no exit=-13 a0=ae321000 a1=1000 a2=5 a3=bf85db5c 
items=0 ppid=1 pid=23617 auid=500 uid=500 gid=500 euid=500 suid=500 
fsuid=500 egid=500 sgid=500 fsgid=500 tty=(none) comm="seamonkey-bin" 
exe="/usr/lib/seamonkey-1.1.8/seamonkey-bin" 
subj=unconfined_u:unconfined_r:unconfined_t:s0 key=(null)

Jim

More information about the fedora-test-list mailing list