123107 – selinux audit message from fetchmail

Bug 123107 - selinux audit message from fetchmail

Summary: selinux audit message from fetchmail

Keywords:
Status:	CLOSED RAWHIDE
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	policy
Sub Component:
Version:	rawhide
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Russell Coker
QA Contact:	Ben Levenson
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2004-05-12 15:41 UTC by Tim Waugh
Modified:	2007-11-30 22:10 UTC (History)
CC List:	0 users
Fixed In Version:
Clone Of:
Environment:
Last Closed:	2005-05-12 17:46:40 UTC
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Tim Waugh 2004-05-12 15:41:54 UTC

Description of problem:
While running 'fetchmail -a' in enforcing mode I get this audit message:

audit(1084375398.024:0): avc:  denied  { setrlimit } for  pid=5465
exe=/usr/bin/fetchmail scontext=user_u:user_r:user_t
tcontext=user_u:user_r:user_t tclass=process

It comes from this code in fetchmail.c:

#ifdef HAVE_SETRLIMIT
    /*
     * Before getting passwords, disable core dumps unless -v -d0 mode
is on.
     * Core dumps could otherwise contain passwords to be scavenged by a
     * cracker.
     */
    if (outlevel < O_VERBOSE || run.poll_interval > 0)
    {
        struct rlimit corelimit;
        corelimit.rlim_cur = 0;
        corelimit.rlim_max = 0;
        setrlimit(RLIMIT_CORE, &corelimit);
    }
#endif /* HAVE_SETRLIMIT */

Version-Release number of selected component (if applicable):
fetchmail-6.2.5-2
policy-1.11.3-5

How reproducible:
100%

Steps to Reproduce:
1. Run 'fetchmail -a' with a valid config.

Comment 1 Daniel Walsh 2005-05-12 17:46:40 UTC

Fetchmail runs under it's own context now so this is fixed.

Note You need to log in before you can comment on or make changes to this bug.