Hi,
by coincidence I saw the following AVCs in my audit log when starting
firefox (firefox runs fine).
type=1400 audit(1307056986.733:2965): avc: denied { execstack } for
pid=13470 comm="plugin-config"
scontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
tclass=process
type=1400 audit(1307056986.734:2966): avc: denied { execstack } for
pid=13470 comm="plugin-config"
scontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
tclass=process
type=1400 audit(1307056987.922:2967): avc: denied { execstack } for
pid=13465 comm="firefox"
scontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
tclass=process
type=1400 audit(1307056987.922:2968): avc: denied { execstack } for
pid=13465 comm="firefox"
scontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
tclass=process
type=1400 audit(1307056987.938:2969): avc: denied { execstack } for
pid=13465 comm="firefox"
scontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
tclass=process
type=1400 audit(1307056987.938:2970): avc: denied { execstack } for
pid=13465 comm="firefox"
scontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
tclass=process
Should I classify these AVCs as suspicious?
rpm -qa selinux*
selinux-policy-targeted-3.9.7-42.fc14.noarch
selinux-policy-3.9.7-42.fc14.noarch
best regards,
Christoph
Attachment:
signature.asc
Description: OpenPGP digital signature
-- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
