Red Hat Bugzilla – Bug 965445
/usr/lib64/xulrunner/plugin-container is spying on /home user's directory
Last modified: 2013-10-22 08:51:45 EDT
Created attachment 750914 [details]
SETroubleshoot Details Window output
Description of problem:
Today I got a selinux alert (fragment below):
SELinux is preventing /usr/lib64/xulrunner/plugin-container from read
access on the directory /home/jdoe/wordpress.
-------- end of fragment ---------
Version-Release number of selected component (if applicable):
Nazwa : xulrunner
Architektura : x86_64
Wersja : 21.0
Wydanie : 3.fc18
Rozmiar : 50 M
Repozytorium : installed
Z repozytorium : updates
Podsumowanie : XUL Runtime for Gecko Applications
Adres URL : http://developer.mozilla.org/En/XULRunner
Licencja : MPLv1.1 or GPLv2+ or LGPLv2+
Opis : XULRunner is a Mozilla runtime package that can be used to
: bootstrap XUL+XPCOM applications that are as rich as
: Firefox and Thunderbird. It provides mechanisms for
: installing, upgrading, and uninstalling these applications.
: XULRunner also provides libxul, a solution which allows the
: embedding of Mozilla technologies in other projects and
Steps to Reproduce:
The bug is specifically in the xulrunner, SELinux in fact saved the system by not allowing the access to the private directory. But why only to one of many subdirectories I got ? xulrunner wanted to read only this particular one ?
(In reply to Suawomirr from comment #1)
> The bug is specifically in the xulrunner, SELinux in fact saved the system
> by not allowing the access to the private directory. But why only to one of
> many subdirectories I got ? xulrunner wanted to read only this particular
> one ?
Suawomirr, can you clarify what were you doing when this happened?
Where is the pool command coming from. It could have been
locate -r /pool$
Having a file manager running could have triggered this.
(In reply to Daniel Walsh from comment #4)
Slawomir, can you reply to the query below?
> Where is the pool command coming from. It could have been
> locate -r /pool$
> Having a file manager running could have triggered this.
Thank you, Jan.