Bug 312931 - mono_t wants execstack
mono_t wants execstack
Status: CLOSED CURRENTRELEASE
Product: Fedora
Classification: Fedora
Component: mono (Show other bugs)
rawhide
All Linux
low Severity low
: ---
: ---
Assigned To: Alexander Larsson
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2007-09-30 06:52 EDT by Dominick Grift
Modified: 2007-11-30 17:12 EST (History)
0 users

See Also:
Fixed In Version: 1.2.5-4
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2007-11-21 07:33:49 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
mono.te diff (444 bytes, text/x-patch)
2007-09-30 06:52 EDT, Dominick Grift
no flags Details

  None (edit)
Description Dominick Grift 2007-09-30 06:52:18 EDT
Description of problem:
type=AVC msg=audit(1191118234.434:369): avc:  denied  { execstack } for 
pid=10326 comm="totem-video-ind" scontext=system_u:system_r:mono_t:s0
tcontext=system_u:system_r:mono_t:s0 tclass=process

Version-Release number of selected component (if applicable):
selinux-policy-devel-3.0.8-14.fc8

How reproducible:
I have 18 counts of this AVC denial. I suspect they happen at system start-up or
user login. I have recently installed Beagle which i think relies on mono. This
beagle service starts when a session is opened.

Steps to Reproduce:


Actual results:


Expected results:


Additional info:

I attached a proposed change.
Comment 1 Dominick Grift 2007-09-30 06:52:18 EDT
Created attachment 211671 [details]
mono.te diff
Comment 2 Daniel Walsh 2007-10-01 15:55:50 EDT
Does Mono need execstack or is this just a badly written application?
Comment 3 Will Woods 2007-10-01 16:17:48 EDT
I notice this denial is coming from part of totem - do you have gstreamer
libraries from livna (e.g. gstreamer-ffmpeg) installed? 

Currently their x264 libraries incorrectly have the execstack flag set on them,
which taints everything that loads those libraries, including totem and friends.

See the fedora-test-list thread that ends here:
https://www.redhat.com/archives/fedora-test-list/2007-September/msg00887.html
Comment 4 Dominick Grift 2007-10-01 16:56:36 EDT
Yes i installed some Livna plugins etc. This may explain the issue. i must say
that i haven't had any issue's the last few day's, and there have been some
updates in the livna repository.
Comment 5 Paul F. Johnson 2007-11-21 07:33:49 EST
It looks to me like the problem has gone now for f8. I'll close this bug.

Note You need to log in before you can comment on or make changes to this bug.