Tom London wrote:
path="/usr/lib/vmware/lib/libgdk-x11-2.0.so.0/libgdk-x11-2.0.so.0" type=SYSCALL msg=audit(1134335151.660:39): arch=40000003 syscall=125 per=400000
This is indeed a text relocation issue. Since the code is LGPLed they have to provide you with the sources. Just use compile and use eu-findtextrel to determine the sources of the text relocation.
type=PATH msg=audit(1134331229.904:20): item=0 name="/usr/bin/skype" flags=101 inode=145190 dev=fd:00 mode=0100755 ouid=0 ogid=0 rdev=00:00 type=CWD msg=audit(1134331229.904:20): cwd="/home/tbl" type=SYSCALL msg=audit(1134331229.904:20): arch=40000003 syscall=11
That's a fault in the execve syscall. This most likely means the binary has a section which is executable and writable at the same time. This really should never happen, it's a security nightmare. Would you want an application which by its nature has to accept connections from all over the net to have such a flaw?
Maybe you can post the output of eu-readelf -l /usr/bin/skype -- ➧ Ulrich Drepper ➧ Red Hat, Inc. ➧ 444 Castro St ➧ Mountain View, CA ❖ -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
