Bug 304421
Summary: | SE Linux warning | ||||||||
---|---|---|---|---|---|---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Austin <aa_sb_0> | ||||||
Component: | firefox | Assignee: | Christopher Aillon <caillon> | ||||||
Status: | CLOSED NEXTRELEASE | QA Contact: | Fedora Extras Quality Assurance <extras-qa> | ||||||
Severity: | low | Docs Contact: | |||||||
Priority: | low | ||||||||
Version: | 7 | CC: | gecko-bugs-nobody, mcepl | ||||||
Target Milestone: | --- | ||||||||
Target Release: | --- | ||||||||
Hardware: | x86_64 | ||||||||
OS: | Linux | ||||||||
Whiteboard: | pleaForReproductionFF3 | ||||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||||
Doc Text: | Story Points: | --- | |||||||
Clone Of: | Environment: | ||||||||
Last Closed: | 2008-02-28 15:02:36 UTC | Type: | --- | ||||||
Regression: | --- | Mount Type: | --- | ||||||
Documentation: | --- | CRM: | |||||||
Verified Versions: | Category: | --- | |||||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||
Cloudforms Team: | --- | Target Upstream Version: | |||||||
Embargoed: | |||||||||
Attachments: |
|
Description
Austin
2007-09-25 03:34:57 UTC
Created attachment 204791 [details]
Additional information from the SE Troubleshooter browser
Created attachment 207691 [details] selinux description of requested bug report on firefox First occurence was noticed post install of fc7, install was followed by firefox install and kernel update. SELinux reported the incident while installing google earth Similiar problem, SELinux is preventing /usr/lib/firefox-2.0.0.5/firefox-bin from loading /usr/lib/firefox-2.0.0.5/plugins/nppdf.so which requires text relocation. Detailed DescriptionThe /usr/lib/firefox-2.0.0.5/firefox-bin application attempted to load /usr/lib/firefox-2.0.0.5/plugins/nppdf.so which requires text relocation. This is a potential security problem. Most libraries do not need this permission. Libraries are sometimes coded incorrectly and request this permission. This SELinux trouble shooter report is very similiar to Bug 304421 Q applying the temporary fix/work around suggested by SELinux trouble shooter, what is the probability of a security breach, until the lib's text relocation code is addressed. Please file a bug report against this package. Allowing Access If you trust /usr/lib/firefox-2.0.0.5/plugins/nppdf.so to run correctly, you can change the file context to textrel_shlib_t. "chcon -t textrel_shlib_t /usr/lib/firefox-2.0.0.5/plugins/nppdf.so"The following command will allow this access:chcon -t textrel_shlib_t /usr/lib/firefox-2.0.0.5/plugins/nppdf.so At this point, we're going to only be taking security fixes and major stability fixes into this release of Fedora. However, we still want to ensure the bug is fixed in the next version. We'd appreciate if you could test Firefox 3, available at http://www.mozilla.com/en-US/firefox/all-beta.html or now shipping as the default in Fedora rawhide and provide feedback as to whether it still exists so we can file a ticket upstream to try to fix it in Firefox 3 before it is released. At this point, we're going to only be taking security fixes and major stability fixes into this release of Fedora. However, we still want to ensure the bug is fixed in the next version. We'd appreciate if you could test Firefox 3, available at http://www.mozilla.com/en-US/firefox/all-beta.html or now shipping as the default in Fedora rawhide and provide feedback as to whether it still exists so we can file a ticket upstream to try to fix it in Firefox 3 before it is released. I've tried out Firefox 3 beta 3 and it does not appear to generate any SE Linux alerts. At least none appeared to be logged in var log messages. Thanks for letting us know. |