Bug 429473 - AVC denial in gnome-settings-(daemon?)
Summary: AVC denial in gnome-settings-(daemon?)
Alias: None
Product: Fedora
Classification: Fedora
Component: control-center
Version: 8
Hardware: i386
OS: Linux
Target Milestone: ---
Assignee: Control Center Maintainer
QA Contact: Fedora Extras Quality Assurance
Depends On:
TreeView+ depends on / blocked
Reported: 2008-01-20 21:19 UTC by Jerry James
Modified: 2008-09-09 16:05 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 2008-09-09 16:05:58 UTC

Attachments (Terms of Use)

Description Jerry James 2008-01-20 21:19:33 UTC
Description of problem:
I logged into my freshly booted up system, walked away for about 10 minutes,
then came back to find an AVC denial had occurred in my absence.

Source Context:  unconfined_u:system_r:unconfined_t:SystemLow-SystemHigh
Target Context:  unconfined_u:system_r:unconfined_t:SystemLow-SystemHigh
Target Objects:  None [ process ]
Affected RPM Packages:
Policy RPM:  selinux-policy-3.0.8-73.fc8
Selinux Enabled:  True
Policy Type:  targeted
MLS Enabled:  True
Enforcing Mode:  Permissive
Plugin Name:  plugins.allow_execheap
Host Name:  localhost.localdomain
Platform:  Linux localhost.localdomain #1 SMP Fri Dec
7 15:49:59 EST 2007 i686 i686
Alert Count:  1
First Seen:  Wed 16 Jan 2008 08:42:07 PM MST
Last Seen:  Wed 16 Jan 2008 08:42:07 PM MST
Local ID:  264c0f89-91de-43d3-a095-50d6636c25d0
Line Numbers:

Raw Audit Messages :

avc: denied { execheap } for comm=gnome-settings- pid=2851
tclass=process tcontext=unconfined_u:system_r:unconfined_t:s0-s0:c0.c1023

PID 2851 didn't exist by the time I was able to check for it.  Asking on
fedora-devel-list led to the suggestion that this is gnome-settings-daemon.

Version-Release number of selected component (if applicable):

How reproducible:
Not at all.  It has never happened before, and I have not been able to provoke
the same behavior since.

Steps to Reproduce:
1. Boot up
2. Login
3. Walk away for about 10 minutes and see if you get lucky.
Actual results:
I got the AVC denial shown above.

Expected results:
No AVC denial

Additional info:

Note You need to log in before you can comment on or make changes to this bug.