Bug 123107 - selinux audit message from fetchmail
Summary: selinux audit message from fetchmail
Status: CLOSED RAWHIDE
Product: Fedora
Classification: Fedora
Component: policy
Version: rawhide
Hardware: All
OS: Linux
Priority: medium
Severity: medium
Assignee: Russell Coker
QA Contact: Ben Levenson
Reported: 2004-05-12 15:41 UTC by Tim Waugh
Modified: 2007-11-30 22:10 UTC (History)
Last Closed: 2005-05-12 17:46:40 UTC

Description Tim Waugh 2004-05-12 15:41:54 UTC
Description of problem:
While running 'fetchmail -a' in enforcing mode I get this audit message:

audit(1084375398.024:0): avc:  denied  { setrlimit } for  pid=5465
exe=/usr/bin/fetchmail scontext=user_u:user_r:user_t
tcontext=user_u:user_r:user_t tclass=process

It comes from this code in fetchmail.c:

#ifdef HAVE_SETRLIMIT
    /*
     * Before getting passwords, disable core dumps unless -v -d0 mode is on.
     * Core dumps could otherwise contain passwords to be scavenged by a
     * cracker.
     */
    if (outlevel < O_VERBOSE || run.poll_interval > 0)
    {
        struct rlimit corelimit;
        corelimit.rlim_cur = 0;
        corelimit.rlim_max = 0;
        setrlimit(RLIMIT_CORE, &corelimit);
    }
#endif /* HAVE_SETRLIMIT */

Version-Release number of selected component (if applicable):
fetchmail-6.2.5-2
policy-1.11.3-5

How reproducible:
100%

Steps to Reproduce:
1. Run 'fetchmail -a' with a valid config.
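
The fetchmail.c snippet in the description discards the return value of setrlimit(), so a call denied by policy leaves core dumps enabled without the program noticing. The following is an added example, not fetchmail's code: it checks the call, reads the limit back, and falls back to prctl(PR_SET_DUMPABLE) on Linux. The names `disable_core_dumps`, `core_limit_is_zero` and `core_status` are hypothetical.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/resource.h>
#ifdef __linux__
#include <sys/prctl.h>
#endif

/* Hypothetical result type: how (or whether) core dumps were turned off. */
enum core_status { CORE_OFF_RLIMIT, CORE_OFF_DUMPABLE, CORE_STILL_ON };

/* Read the limit back instead of trusting that setrlimit() took effect. */
static int core_limit_is_zero(void)
{
    struct rlimit rl;
    return getrlimit(RLIMIT_CORE, &rl) == 0 &&
           rl.rlim_cur == 0 && rl.rlim_max == 0;
}

enum core_status disable_core_dumps(void)
{
    struct rlimit corelimit = { .rlim_cur = 0, .rlim_max = 0 };

    if (setrlimit(RLIMIT_CORE, &corelimit) != 0)
        /* A denial by the security policy shows up here as a failed call. */
        fprintf(stderr, "setrlimit(RLIMIT_CORE): %s\n", strerror(errno));
    else if (core_limit_is_zero())
        return CORE_OFF_RLIMIT;
#ifdef __linux__
    /* Fallback: a non-dumpable process produces no core file on Linux. */
    if (prctl(PR_SET_DUMPABLE, 0, 0, 0, 0) == 0 &&
        prctl(PR_GET_DUMPABLE, 0, 0, 0, 0) == 0)
        return CORE_OFF_DUMPABLE;
#endif
    return CORE_STILL_ON;
}

int main(void)
{
    enum core_status st = disable_core_dumps();
    if (st == CORE_STILL_ON) {
        /* Fail closed: do not load secrets into a dumpable process. */
        fprintf(stderr, "core dumps still enabled, not reading passwords\n");
        return 1;
    }
    puts(st == CORE_OFF_RLIMIT ? "core dumps off via RLIMIT_CORE"
                               : "core dumps off via PR_SET_DUMPABLE");
    return 0;
}
```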

Comment 1 Daniel Walsh 2005-05-12 17:46:40 UTC
Fetchmail runs under its own context now so this is fixed.

