Bug 435828
| Summary: | SELinux is preventing /lib/ld-2.6.so from changing the access protection of memory on the heap. | ||
|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Lawrence C. Manalac <emperorlinux> |
| Component: | selinux-policy | Assignee: | Josef Kubin <jkubin> |
| Status: | CLOSED NOTABUG | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
| Severity: | low | Docs Contact: | |
| Priority: | low | ||
| Version: | 7 | CC: | jkubin |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | i386 | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2008-03-07 16:18:40 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
It doesn't look as a problem of SELinux. SELinux has revealed a badly written application ... To fix your problem try to tweak sebooleans: # /usr/sbin/setsebool -P allow_execheap=1 |
The /lib/ld-2.6.so application attempted to change the access protection of memory on the heap (e,g., allocated using malloc). This is a potential security problem. Applications should not be doing this. Applications are sometimes coded incorrectly and request this permission. The SELinux Memory Protection Tests web page explains how to remove this requirement. If /lib/ld-2.6.so does not work and you need it to work, you can configure SELinux temporarily to allow this access until the application is fixed. Please file a bug report against this package. Source Context: user_u:system_r:unconfined_tTarget Context: user_u:system_r:unconfined_tTarget Objects: None [ process ]Affected RPM Packages: glibc-2.6-4 [application]Policy RPM: selinux-policy-2.6.4-70.fc7Selinux Enabled: TruePolicy Type: targetedMLS Enabled: TrueEnforcing Mode: EnforcingPlugin Name: plugins.allow_execheapHost Name: sdhcp-m-38.tpgi.com.auPlatform: Linux sdhcp-m-38.tpgi.com.au 2.6.23.15-80.fc7 #1 SMP Sun Feb 10 17:29:10 EST 2008 i686 i686Alert Count: 2First Seen: Mon 03 Mar 2008 11:52:27 AM ESTLast Seen: Mon 03 Mar 2008 06:09:07 PM ESTLocal ID: 6d9c914c-a17e-4c1e-8713-643c7a9cac21Line Numbers: Raw Audit Messages :avc: denied { execheap } for comm="ld-linux.so.2" egid=500 euid=500 exe="/lib/ld-2.6.so" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 pid=25075 scontext=user_u:system_r:unconfined_t:s0 sgid=500 subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=process tcontext=user_u:system_r:unconfined_t:s0 tty=(none) uid=500