"denied" error message
Bill Tangren
bjt at usno.navy.mil
Wed Jul 25 20:03:23 UTC 2007
Bill Tangren wrote:
> I have the following error message showing up in my audit logs. This is
> on an SELinux-enabled web server (running RHEL ES 4, fully patched).
> This is actually an selinux error, so if this not the correct place to
> ask this question, please let me know.
>
Never mind. I got at least a partial answer by googling NSA's selinux mailing
list archive. I quote from one of those pages:
"Typically, that audit message suggests that kernel is translating PROT_READ
requests by that binary to PROT_READ|PROT_EXECUTE in order to provide
compatibility with "legacy" binaries that presumed read-implies-exec logic."
This is an old program that is calling shared libraries. It isn't hurting the
program, but it is filling up my audit logs. I guess I'll leave it alone.
Thanks anyway.
More information about the Linux-audit
mailing list