829729 – SELinux is preventing /usr/lib64/firefox/firefox (deleted) from using the ptrace access on a process.

Bug 829729 - SELinux is preventing /usr/lib64/firefox/firefox (deleted) from using the ptrace access on a process.

Summary: SELinux is preventing /usr/lib64/firefox/firefox (deleted) from using the ptr...

Keywords:
Status:	CLOSED INSUFFICIENT_DATA
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	selinux-policy
Sub Component:
Version:	17
Hardware:	x86_64
OS:	Linux
Priority:	unspecified
Severity:	medium
Target Milestone:	---
Assignee:	Miroslav Grepl
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2012-06-07 12:43 UTC by Antonio T. (sagitter)
Modified:	2012-06-07 18:13 UTC (History)
CC List:	4 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:	2012-06-07 18:13:48 UTC
Type:	Bug
Embargoed:
Dependent Products:

Attachments	(Terms of Use)
ptrace-alert log (2.78 KB, text/plain) 2012-06-07 12:43 UTC, Antonio T. (sagitter)	no flags	Details
Plugins actived (22.76 KB, text/html) 2012-06-07 17:31 UTC, Antonio T. (sagitter)	no flags	Details
View All

Description Antonio T. (sagitter) 2012-06-07 12:43:36 UTC

Created attachment 590186 [details]
ptrace-alert log

Description of problem:
This alert is appeared after Firefox update (from 12 to 13). Firefox works fine.

Version-Release number of selected component (if applicable):
selinux-policy-doc-3.10.0-128.fc17.noarch
libselinux-2.1.10-3.fc17.x86_64
libselinux-devel-2.1.10-3.fc17.x86_64
selinux-policy-devel-3.10.0-128.fc17.noarch
libselinux-utils-2.1.10-3.fc17.x86_64
libselinux-python-2.1.10-3.fc17.x86_64
selinux-policy-3.10.0-128.fc17.noarch
selinux-policy-targeted-3.10.0-128.fc17.noarch
firefox-13.0-1.fc17.x86_64

  
Actual results: See attachment

Comment 1 Miroslav Grepl 2012-06-07 12:48:49 UTC

The alert told you what to do.

Comment 2 Antonio T. (sagitter) 2012-06-07 14:40:14 UTC

(In reply to comment #1)
> The alert told you what to do.

Disable ptrace ?
I don't want disable it.

Comment 3 Daniel Walsh 2012-06-07 16:12:24 UTC

Did you notice anything breaking?

It looks like something is causing firefox to ptrace its plugin?  Any idea what plugin you were using?

Google PerChance.  I would probably add a

dontaudit unconfined_t mozilla_plugin_t:process ptrace;

Comment 4 Antonio T. (sagitter) 2012-06-07 17:31:11 UTC

(In reply to comment #3)
> Did you notice anything breaking?

No.

> It looks like something is causing firefox to ptrace its plugin?  Any idea
> what plugin you were using?

I have not idea. It has been displayed during Firefox update, while old Firefox has been removed.

Comment 5 Antonio T. (sagitter) 2012-06-07 17:31:58 UTC

Created attachment 590252 [details]
Plugins actived

Comment 6 Daniel Walsh 2012-06-07 18:13:48 UTC

Well lets pretend it did not happen, since it does not seem like a good idea and probably should be blocked.  Reopen if it happens again.

Note You need to log in before you can comment on or make changes to this bug.