Detailed DescriptionThe /usr/lib/nspluginwrapper/npviewer.bin application attempted to load /usr/lib/mozilla/plugins/nppdf.so which requires text relocation. This is a potential security problem. Most libraries do not need this permission. Libraries are sometimes coded incorrectly and request this permission. The SELinux Memory Protection Tests web page explains how to remove this requirement. You can configure SELinux temporarily to allow /usr/lib/mozilla/plugins/nppdf.so to use relocation as a workaround, until the library is fixed. Please file a bug report against this package.Allowing AccessIf you trust /usr/lib/mozilla/plugins/nppdf.so to run correctly, you can change the file context to textrel_shlib_t. "chcon -t textrel_shlib_t /usr/lib/mozilla/plugins/nppdf.so" You must also change the default file context files on the system in order to preserve them even on a full relabel. "semanage fcontext -a -t textrel_shlib_t /usr/lib/mozilla/plugins/nppdf.so"The following command will allow this access:chcon -t textrel_shlib_t /usr/lib/mozilla/plugins/nppdf.soAdditional InformationSource Context: system_u:system_r:unconfined_t:s0Target Context: system_u:object_r:lib_t:s0Target Objects: /usr/lib/mozilla/plugins/nppdf.so [ file ]Affected RPM Packages: nspluginwrapper-0.9.91.5-14.fc8 [application]Policy RPM: selinux-policy-3.0.8-72.fc8Selinux Enabled: TruePolicy Type: targetedMLS Enabled: TrueEnforcing Mode: EnforcingPlugin Name: plugins.allow_execmodHost Name: localhost.localdomainPlatform: Linux localhost.localdomain 2.6.23.9-85.fc8 #1 SMP Fri Dec 7 15:49:36 EST 2007 x86_64 x86_64Alert Count: 22First Seen: Thu 03 Jan 2008 09:34:06 PM GMTLast Seen: Fri 04 Jan 2008 10:21:48 PM GMTLocal ID: df01f0d4-dfff-4efb-a999-c118d6cdd2e3Line Numbers: Raw Audit Messages :avc: denied { execmod } for comm=npviewer.bin dev=dm-0 egid=500 euid=500 exe=/usr/lib/nspluginwrapper/npviewer.bin exit=-13 fsgid=500 fsuid=500 gid=500 items=0 path=/usr/lib/mozilla/plugins/nppdf.so pid=4311 scontext=system_u:system_r:unconfined_t:s0 sgid=500 subj=system_u:system_r:unconfined_t:s0 suid=500 tclass=file tcontext=system_u:object_r:lib_t:s0 tty=(none) uid=500
Bad file context restorecon -v /usr/lib/mozilla/plugins/nppdf.so
Bugs have been in modified for over one month. Closing as fixed in current release please reopen if the problem still persists.
many thanks, the "restorecon" seems to have fixed this problem. Chris