This service will be undergoing maintenance at 00:00 UTC, 2017-10-23 It is expected to last about 30 minutes
Bug 467054 - SELinux is preventing nexuiz-sdl from changing a writable memory segment executable.
SELinux is preventing nexuiz-sdl from changing a writable memory segment exec...
Status: CLOSED CANTFIX
Product: Fedora
Classification: Fedora
Component: nexuiz (Show other bugs)
rawhide
All Linux
medium Severity medium
: ---
: ---
Assigned To: Gwyn Ciesla
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2008-10-15 10:13 EDT by cgrim
Modified: 2008-10-20 14:49 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2008-10-20 14:49:57 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description cgrim 2008-10-15 10:13:28 EDT
Description of problem:
The nexuiz-sdl application attempted to change the access protection of memory (e.g., allocated using malloc). This is a potential security problem. Applications should not be doing this. Applications are sometimes coded incorrectly and request this permission. The SELinux Memory Protection Tests web page explains how to remove this requirement. If nexuiz-sdl does not work and you need it to work, you can configure SELinux temporarily to allow this access until the application is fixed.

Version-Release number of selected component (if applicable):
Name       : nexuiz
Arch       : x86_64
Version    : 2.4.2
Release    : 3.fc10

How reproducible:
SELinux configured like this:
System Default Enforcing Mode = Enforcing
Current Enforcing Mode = Enforcing
System Default Policy Type = Targeted

Steps to Reproduce:
1. Enable SELinux as it's shown above
2. Login into the Gnome desktop
3. Run Nexuiz
  
Actual results:
Nexuiz did not start and SELinux TroubleShooter shows this message: SELinux is preventing nexuiz-sdl from changing a writable memory segment executable.

Expected results:
Nexuiz starts correctly.

Additional info:
In Fedora 9 was everything OK.
Now in Fedora 10 I'm using this workaround:
chcon -t unconfined_execmem_exec_t '/usr/bin/nexuiz-sdl'

Similar problems:
https://bugzilla.redhat.com/show_bug.cgi?id=467033
https://bugzilla.redhat.com/show_bug.cgi?id=467034
https://bugzilla.redhat.com/show_bug.cgi?id=467035
Comment 1 Gwyn Ciesla 2008-10-15 10:38:14 EDT
See comment in https://bugzilla.redhat.com/show_bug.cgi?id=467033
Comment 2 Gwyn Ciesla 2008-10-20 14:49:57 EDT
nvidia driver issue.

Note You need to log in before you can comment on or make changes to this bug.