Daniel J Walsh wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Jim Cornette wrote:
Antonio Olivares wrote:
I do not want to have a compromised system, but I am
getting tired of the exec stack stuff appearing just
about everytime I start firefox and now seamonkey as
well. Should I also file a bug against seamonkey for
using the stack?
Regards,
Antonio
Like I mentioned before, the only site that I experienced the error on
is news.aol.com - I did not add anything to any rules for SELinux so I
would expect your system has a badly acting plug-in as was suggested by
others. Yahoo did not seem to cause problems for me, but I do not use
yahoo or have an account for the service.
The difference for me is seamonkey used to crash. It now keeps on
logging denials. Firefox does crash on the same site as seamonkey used
to crash on.
If you temporarily change your homepage to another location and bring up
firefox or seamonkey does it crash or load successfully?
Maybe it is a bug with the browsers. I do not know, but it is not severe
on my system.
The news.aol.com site generated the below raw messages for firefox.
Raw Audit Messages :host=HP-JCF7 type=AVC
msg=audit(1202781770.462:1241): avc: denied { execmem } for pid=16598
comm="firefox" scontext=unconfined_u:unconfined_r:unconfined_t:s0
tcontext=unconfined_u:unconfined_r:unconfined_t:s0 tclass=process
host=HP-JCF7 type=SYSCALL msg=audit(1202781770.462:1241): arch=40000003
syscall=125 success=no exit=-13 a0=b2f51000 a1=1000 a2=5 a3=bfc5f21c
items=0 ppid=16584 pid=16598 auid=500 uid=500 gid=500 euid=500 suid=500
fsuid=500 egid=500 sgid=500 fsgid=500 tty=(none) comm="firefox"
exe="/usr/lib/firefox-3.0b4pre/firefox"
subj=unconfined_u:unconfined_r:unconfined_t:s0 key=(null)
For seamonkey news.aol.com repeatedly produces the below.
Line Numbers: Raw Audit Messages :host=HP-JCF7 type=AVC
msg=audit(1202860251.355:818): avc: denied { execmem } for pid=23617
comm="seamonkey-bin" scontext=unconfined_u:unconfined_r:unconfined_t:s0
tcontext=unconfined_u:unconfined_r:unconfined_t:s0 tclass=process
host=HP-JCF7 type=SYSCALL msg=audit(1202860251.355:818): arch=40000003
syscall=125 success=no exit=-13 a0=ae321000 a1=1000 a2=5 a3=bf85db5c
items=0 ppid=1 pid=23617 auid=500 uid=500 gid=500 euid=500 suid=500
fsuid=500 egid=500 sgid=500 fsgid=500 tty=(none) comm="seamonkey-bin"
exe="/usr/lib/seamonkey-1.1.8/seamonkey-bin"
subj=unconfined_u:unconfined_r:unconfined_t:s0 key=(null)
Jim
Well going to this page with nsplugin installed causes nsplugin_t to
generate an execmem.
- ----
time->Wed Feb 13 08:00:55 2008
type=SYSCALL msg=audit(1202907655.715:1515): arch=40000003 syscall=125
per=8 success=no exit=-13 a0=f2129000 a1=1000 a2=5 a3=ffbff4bc items=0
ppid=4897 pid=4917 auid=3267 uid=3267 gid=3267 euid=3267 suid=3267
fsuid=3267 egid=3267 sgid=3267 fsgid=3267 tty=(none) comm="npviewer.bin"
exe="/usr/lib/nspluginwrapper/npviewer.bin"
subj=staff_u:staff_r:nsplugin_t:s0 key=(null)
type=AVC msg=audit(1202907655.715:1515): avc: denied { execmem } for
pid=4917 comm="npviewer.bin" scontext=staff_u:staff_r:nsplugin_t:s0
tcontext=staff_u:staff_r:nsplugin_t:s0 tclass=process
nsplugin seems to survive though. So this is definitely a plugin
causing the problem. I would bet it is flashplugin.
Hard to tell if anything is different on this page.
I have flash-plugin-9.0.48.0-release.i386 installed. The Disney website
works for the kids without the plug-in wrapper.
I checked if nspluginwrapper was installed on my system and it wasn't. I
now have it installed nspluginwrapper.i386 0:0.9.91.5-21.fc9.
Thanks, I'll try the site for effect with the wrapper installed.
Jim
--
fedora-test-list mailing list
fedora-test-list@xxxxxxxxxx
To unsubscribe:
https://www.redhat.com/mailman/listinfo/fedora-test-list
