Bug 510619
| Summary: | The pidgin application attempted to make its stack executable. | ||
|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Nicolas Mailhot <nicolas.mailhot> |
| Component: | pidgin | Assignee: | Warren Togami <wtogami> |
| Status: | CLOSED CURRENTRELEASE | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
| Severity: | medium | Docs Contact: | |
| Priority: | low | ||
| Version: | rawhide | CC: | stu, wtogami |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2009-11-09 20:17:34 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | |||
| Bug Blocks: | 473302 | ||
Are you using any plugins not shipped within pidgin itself? No. Pure week-old fedora install with nothing pidgin-related added Still an issue now? I haven't seen it lately, not sure if the bug was actually fixed or selinux silenced assuming fixed |
The pidgin application attempted to make its stack executable. This is a potential security problem. This should never ever be necessary. Stack memory is not executable on most OSes these days and this will not change. Executable stack memory is one of the biggest security problems. An execstack error might in fact be most likely raised by malicious code. Applications are sometimes coded incorrectly and request this permission. The SELinux Memory Protection Tests web page explains how to remove this requirement. If pidgin does not work and you need it to work, you can configure SELinux temporarily to allow this access until the application is fixed. Please file a bug report against this package. node= type=AVC msg=audit(1246799189.946:33821): avc: denied { execstack } for pid=11601 comm="pidgin" scontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=process node=arekh.okg type=SYSCALL msg=audit(1246799189.946:33821): arch=c000003e syscall=10 success=yes exit=0 a0=7ffffa8fc000 a1=1000 a2=1000007 a3=37f6a1a121 items=0 ppid=11478 pid=11601 auid=500 uid=500 gid=500 euid=500 suid=500 fsuid=500 egid=500 sgid=500 fsgid=500 tty=(none) ses=15 comm="pidgin" exe="/usr/bin/pidgin" subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 key=(null) pidgin-2.5.8-1.fc12 selinux-policy-3.6.20-2.fc12