Bug 189326 - /usr/lib/firefox-1.5.0.2/libxpcom_core.so tries to get write|exec memory access.
/usr/lib/firefox-1.5.0.2/libxpcom_core.so tries to get write|exec memory access.
Status: CLOSED CANTFIX
Product: Fedora
Classification: Fedora
Component: firefox (Show other bugs)
rawhide
All Linux
medium Severity medium
: ---
: ---
Assigned To: Christopher Aillon
FF3RawhideClose
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2006-04-19 03:04 EDT by Russell Coker
Modified: 2008-05-01 11:38 EDT (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2007-12-20 11:47:44 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Russell Coker 2006-04-19 03:04:59 EDT
$ /usr/lib/firefox-1.5.0.2/firefox -UILocale en-US
/usr/lib/firefox-1.5.0.2/firefox-bin: error while loading shared 
libraries: /usr/lib/firefox-1.5.0.2/libxpcom_core.so: cannot restore segment 
prot after reloc: Permission denied
$

The audit logs have the following:

type=AVC msg=audit(1145424805.957:176): avc:  denied  { execmod } for  
pid=4484 comm="firefox-bin" name="libxpcom_core.so" dev=dm-7 ino=1341747 
scontext=rjc:system_r:unconfined_t:s0-s0:c0.c255 
tcontext=system_u:object_r:lib_t:s0 tclass=file
type=SYSCALL msg=audit(1145424805.957:176): arch=40000003 syscall=125 
success=no exit=-13 a0=111000 a1=cc000 a2=5 a3=bfdb2cb0 items=0 pid=4484 
auid=500 uid=500 gid=500 euid=500 suid=500 fsuid=500 egid=500 sgid=500 
fsgid=500 tty=pts3 comm="firefox-bin" 
exe="/usr/lib/firefox-1.5.0.1/firefox-bin" 
subj=rjc:system_r:unconfined_t:s0-s0:c0.c255
type=AVC_PATH msg=audit(1145424805.957:176):  
path="/usr/lib/firefox-1.5.0.1/libxpcom_core.so"

Below is Ulrich's URL of background on this situation.
http://people.redhat.com/drepper/selinux-mem.html

The shared object should not be trying to create memory regions that are 
writable and then make them executable.
Comment 1 Matěj Cepl 2007-12-20 11:47:44 EST
We just updated the Firefox version in Fedora/development from 2.0 to a 3.0
pre-release version, which improves performance, memory usage, and fixes many
bugs and crashes.

Closing as CANTFIX since we aren't fixing bugs filed against 2.0 now that 3.0 is
in.  If this bug is still present in rawhide using a Firefox 3.0 version, please
re-open this bug.

Thanks and Happy Holidays

Note You need to log in before you can comment on or make changes to this bug.