-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Pedro Jose wrote: > Hello, I received this warning after installing totem-xine and run > this for the first time. I am concerned because the solution will > affect all applications on the system. (SELinux warning). > > This is: > > > Resúmen: > > SELinux is preventing totem from changing the access protection of memory on the > heap. > > Descripción Detallada: > > The totem application attempted to change the access protection of memory on the > heap (e.g., allocated using malloc). This is a potential security problem. > Applications should not be doing this. Applications are sometimes coded > incorrectly and request this permission. The SELinux Memory Protection Tests > (http://people.redhat.com/drepper/selinux-mem.html) web page explains how to > remove this requirement. If totem does not work and you need it to work, you can > configure SELinux temporarily to allow this access until the application is > fixed. Please file a bug report > (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi) against this package. > > Permitiendo Acceso: > > If you want totem to continue, you must turn on the allow_execheap boolean. > Note: This boolean will affect all applications on the system. > > El siguiente comando permitirá este acceso: > > setsebool -P allow_execheap=1 > > Información Adicional: > > Contexto Fuente system_u:system_r:unconfined_t:s0 > Contexto Destino system_u:system_r:unconfined_t:s0 > Objetos Destino None [ process ] > Source totem > Source Path /usr/bin/totem > Port <Desconocido> > Host localhost.localdomain > Source RPM Packages totem-xine-2.20.1-1.lvn8 > Target RPM Packages > RPM de Políticas selinux-policy-3.0.8-93.fc8 > SELinux Activado True > Tipo de Política targeted > MLS Activado True > Modo Obediente Enforcing > Nombre de Plugin allow_execheap > Nombre de Equipo localhost.localdomain > Plataforma Linux localhost.localdomain 2.6.24.3-34.fc8 #1 SMP > Wed Mar 12 18:17:20 EDT 2008 i686 i686 > Cantidad de Alertas 2 > First Seen lun 24 mar 2008 22:26:42 CET > Last Seen lun 24 mar 2008 22:26:42 CET > Local ID c06e8b85-a4b1-4b69-8672-76e95d189cf9 > Números de Línea > > Mensajes de Auditoría Crudos > > host=localhost.localdomain type=AVC msg=audit(1206394002.429:87): avc: > denied { execheap } for pid=5071 comm="totem" > scontext=system_u:system_r:unconfined_t:s0 > tcontext=system_u:system_r:unconfined_t:s0 tclass=process > > host=localhost.localdomain type=SYSCALL msg=audit(1206394002.429:87): > arch=40000003 syscall=125 success=no exit=-13 a0=808f000 a1=ad4000 > a2=5 a3=bfe0eff0 items=0 ppid=1 pid=5071 auid=500 uid=500 gid=500 > euid=500 suid=500 fsuid=500 egid=500 sgid=500 fsgid=500 tty=(none) > comm="totem" exe="/usr/bin/totem" > subj=system_u:system_r:unconfined_t:s0 key=(null) > > > How can I do? > > Thanks > You are trying to run a program that is doing something dangerous. I am pretty sure this is caused by a badly coded codec. You can either not run the codec, or execute # setsebool -P allow_execheap 1 Like the message told you. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iEYEARECAAYFAkfueCEACgkQrlYvE4MpobNhfwCbBRzkqtUp/2+6CkCuO6UWCKtl StwAoOu+Ozzr7UPoFzGUgTwXAHsUXbzV =m16G -----END PGP SIGNATURE----- -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
