[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Selinux attacks acroread again



Paul Smith wrote:
On 4/13/06, Paul Howarth <paul city-fan org> wrote:
Thanks, Paul. Done so and subsequently:

# chcon -t texrel_shlib_t
/usr/local/Adobe/Acrobat7.0/Reader/intellinux/lib/libJP2K.so
# chcon -t texrel_shlib_t
/usr/local/Adobe/Acrobat7.0/Reader/intellinux/lib/libCoolType.so

Acroread shows up, but reporting errors while loading a bunch of
plugins. Any ideas?
Did you do:

/usr/sbin/semanage fcontext -a -t textrel_shlib_t \
'/usr/local/Adobe/Acrobat7.0/Reader/intellinux/SPPlugins/.*\.apl'

/usr/sbin/semanage fcontext -a -t textrel_shlib_t \
'/usr/local/Adobe/Acrobat7.0/Reader/intellinux/plug_ins/.*\.api'

before the restorecon?

What's the output of:

$ ls -lZ /usr/local/Adobe/Acrobat7.0/Reader/intellinux/*/*.ap*

Yes, I did that before restorecon.

# ls -lZ /usr/local/Adobe/Acrobat7.0/Reader/intellinux/*/
*.ap*
-rwxr-xr-x  root     root     system_u:object_r:textrel_shlib_t /usr/local/Adobe
/Acrobat7.0/Reader/intellinux/plug_ins/Accessibility.api
-rwxr-xr-x  root     root     system_u:object_r:textrel_shlib_t /usr/local/Adobe
/Acrobat7.0/Reader/intellinux/plug_ins/AcroForm.api
-rwxr-xr-x  root     root     system_u:object_r:textrel_shlib_t /usr/local/Adobe
/Acrobat7.0/Reader/intellinux/plug_ins/Annots.api
-rwxr-xr-x  root     root     system_u:object_r:textrel_shlib_t /usr/local/Adobe
/Acrobat7.0/Reader/intellinux/plug_ins/checkers.api
-rwxr-xr-x  root     root     system_u:object_r:textrel_shlib_t /usr/local/Adobe
/Acrobat7.0/Reader/intellinux/plug_ins/DigSig.api
-rwxr-xr-x  root     root     system_u:object_r:textrel_shlib_t /usr/local/Adobe
/Acrobat7.0/Reader/intellinux/plug_ins/EFS.api
-rwxr-xr-x  root     root     system_u:object_r:textrel_shlib_t /usr/local/Adobe
/Acrobat7.0/Reader/intellinux/plug_ins/EScript.api
-rwxr-xr-x  root     root     system_u:object_r:textrel_shlib_t /usr/local/Adobe
/Acrobat7.0/Reader/intellinux/plug_ins/ewh.api
-rwxr-xr-x  root     root     system_u:object_r:textrel_shlib_t
/usr/local/Adobe /Acrobat7.0/Reader/intellinux/plug_ins/LegalPDF.api
-rwxr-xr-x  root     root     system_u:object_r:textrel_shlib_t
/usr/local/Adobe /Acrobat7.0/Reader/intellinux/plug_ins/MakeAccessible.api
-rwxr-xr-x  root     root     system_u:object_r:textrel_shlib_t
/usr/local/Adobe /Acrobat7.0/Reader/intellinux/plug_ins/PDDom.api
-rwxr-xr-x  root     root     system_u:object_r:textrel_shlib_t
/usr/local/Adobe /Acrobat7.0/Reader/intellinux/plug_ins/PPKLite.api
-rwxr-xr-x  root     root     system_u:object_r:textrel_shlib_t
/usr/local/Adobe /Acrobat7.0/Reader/intellinux/plug_ins/SaveAsRTF.api
-rwxr-xr-x  root     root     system_u:object_r:textrel_shlib_t
/usr/local/Adobe /Acrobat7.0/Reader/intellinux/plug_ins/SearchFind.api
-rwxr-xr-x  root     root     system_u:object_r:textrel_shlib_t
/usr/local/Adobe /Acrobat7.0/Reader/intellinux/plug_ins/SendMail.api
-rwxr-xr-x  root     root     system_u:object_r:textrel_shlib_t
/usr/local/Adobe /Acrobat7.0/Reader/intellinux/plug_ins/SOAP.api
-rwxr-xr-x  root     root     system_u:object_r:textrel_shlib_t
/usr/local/Adobe /Acrobat7.0/Reader/intellinux/plug_ins/Spelling.api
-rwxr-xr-x  root     root     system_u:object_r:textrel_shlib_t
/usr/local/Adobe /Acrobat7.0/Reader/intellinux/plug_ins/wwwlink.api
-rwxr-xr-x  root     root     system_u:object_r:textrel_shlib_t
/usr/local/Adobe /Acrobat7.0/Reader/intellinux/SPPlugins/ADMPlugin.apl

They all look ok; does it work with SELinux in permissive mode?

Try:
# setenforce 0

If it still doesn't work, the problem's not SELinux.

If it does, look for the SELinux denials in /var/log/messages or /var/log/audit/audit.log

# setforce 1
will turn enforcing mode back on.

Paul.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]