selinux now causing trouble with seamonkey
Antonio Olivares
olivares14031 at yahoo.com
Tue Feb 12 15:21:47 UTC 2008
--- Daniel J Walsh <dwalsh at redhat.com> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Antonio Olivares wrote:
> > --- Jim Cornette <fct-cornette at insight.rr.com>
> wrote:
> >
> >> Antonio Olivares wrote:
> >>> Dear all,
> >>>
> >>> In addition to the bug filed
> >>>
> https://bugzilla.redhat.com/show_bug.cgi?id=432198
> >>>
> >>> selinux now is causing trouble with seamonkey.
> >>>
> >>> I deleted the ~/.mozilla/ directory and started
> >> from
> >>> scratch. So the argument about the plugins will
> >> not
> >>> work now :)
> >> I use seamonkey where the only site I have this
> >> error on is an aol site.
> >> It used to crash the browser but now shows 500
> plus
> >> counts. I tried it
> >> again and got another 400 plus incidents.
> >> (news.aol.com) What site are
> >> you attempting to load?
> > Yahoo, to check my mail. Yahoo is my homepage.
> It
> > did not do this before, so apparently something is
> > wrong and it is not working :(.
> >> Apparently the site you are
> >> trying to connect to
> >> is doing bad things. I think seamonkey and
> firefox
> >> are alright.
> > I do not know which to blame more,
> seamonkey/firefox
> > or selinux. I need to find out more information
> and
> > find a cure for the problem. I do not understand
> well
> > enough what the exec stack is for and what it
> does.
> > So I will wait patiently and hope that the problem
> > goes away :).
> >
> >> Jim
> >>
> >> --
> >> fedora-test-list mailing list
> >> fedora-test-list at redhat.com
> >> To unsubscribe:
> >>
> >
>
https://www.redhat.com/mailman/listinfo/fedora-test-list
> >
> >
> > Regards,
> >
> > Antonio
> >
> >
> >
>
____________________________________________________________________________________
> > Looking for last minute shopping deals?
> > Find them fast with Yahoo! Search.
>
http://tools.search.yahoo.com/newsearch/category.php?category=shopping
> >
> http://people.redhat.com/~drepper/selinux-mem.html
>
> Explains execstack. This might be a rawhide issue
> with
> firefox/seamonkey and should be reported as a bug
> there. Setting the
> file unconfined_execmem_exec_t will stop the system
> from complaining.
>
> This could also be a java plugin issue, as java
> requires
> execmem/execstack to work. But java usually runs as
> a separate process.
>
> Setting this file unconfined_execmem_exec_t, takes
> away the SELinux
> protection against buffer overflow attacks. IE
> Making it the same as if
> SELinux was not running.
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.8 (GNU/Linux)
> Comment: Using GnuPG with Fedora -
> http://enigmail.mozdev.org
>
>
iEYEARECAAYFAkexrJMACgkQrlYvE4MpobNKGwCglD1tItC4+Md6R8BWvsY5vuGQ
> fEAAnRojEwntyTaMW828hLmA2KJMWzNV
> =jxfZ
> -----END PGP SIGNATURE-----
>
> --
> fedora-test-list mailing list
> fedora-test-list at redhat.com
> To unsubscribe:
>
https://www.redhat.com/mailman/listinfo/fedora-test-list
>
I have filed a bug
https://bugzilla.redhat.com/show_bug.cgi?id=432198
But I also did what you told me on the other message:
[root at localhost ~]# chcon -t unconfined_execmem_exec_t
/usr/lib/firefox-3.0b4pre/firefox
[root at localhost ~]# semanage fcontext -a -t
unconfined_execmem_exec_t
/usr/lib/firefox-3.0b4pre/firefox
[root at localhost ~]# restorecon
/usr/lib/firefox-3.0b4pre/firefox
/etc/selinux/targeted/contexts/files/file_contexts:
Multiple same specifications for /usr/bin/sbcl.
[root at localhost ~]#
I do not want to have a compromised system, but I am
getting tired of the exec stack stuff appearing just
about everytime I start firefox and now seamonkey as
well. Should I also file a bug against seamonkey for
using the stack?
Regards,
Antonio
____________________________________________________________________________________
Looking for last minute shopping deals?
Find them fast with Yahoo! Search. http://tools.search.yahoo.com/newsearch/category.php?category=shopping
More information about the fedora-test-list
mailing list