Description of problem: The application gnome-settings-tried to make its own stack executable. It is a potential security problem. This action should never be necessary. Today, battery checklist is not executable on the OS and it will not change. A pile-executable memory is one of the biggest security problems. An error execstack could be caused by malicious code. The applications are sometimes incorrectly programmed and ask permission. Version-Release number of selected component (if applicable): gnome-settings-daemon-2.24.0-7.fc10 selinux-policy-3.5.10-3.fc1 How reproducible: all the charge of OS Steps to Reproduce: 1. 2. 3. Actual results: Expected results: Additional info:
What's the actual selinux error? (Check in your /var/log/messages, there should a be line like: "For complete SELinux messages. run sealert -l ...").
I add the audit making for SE trooble shoot : node=localhost.localdomain type=AVC msg=audit(1224088183.966:14): avc: denied { execstack } for pid=2844 comm="gnome-settings-" scontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=process node=localhost.localdomain type=SYSCALL msg=audit(1224088183.966:14): arch=40000003 syscall=125 success=no exit=-13 a0=bfdb8000 a1=1000 a2=1000007 a3=fffff000 items=0 ppid=2820 pid=2844 auid=500 uid=500 gid=500 euid=500 suid=500 fsuid=500 egid=500 sgid=500 fsgid=500 tty=(none) ses=1 comm="gnome-settings-" exe="/usr/libexec/gnome-settings-daemon" subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 key=(null)
I add the message of var/log/messages : Oct 15 18:29:36 localhost kernel: SELinux: Context system_u:object_r:user_gnome_home_t:s0 is not valid (left unmapped). Oct 15 18:29:36 localhost kernel: SELinux: Context unconfined_u:object_r:user_gnome_home_t:s0 is not valid (left unmapped).
*** Bug 467107 has been marked as a duplicate of this bug. ***
*** This bug has been marked as a duplicate of bug 467304 ***