Tom London wrote:
type=SYSCALL msg=audit(1134335151.660:39): arch=40000003 syscall=125 per=400000
This is indeed a text relocation issue. Since the code is LGPLed they
have to provide you with the sources. Just use compile and use
eu-findtextrel to determine the sources of the text relocation.
type=PATH msg=audit(1134331229.904:20): item=0
flags=101 inode=145190 dev=fd:00 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=CWD msg=audit(1134331229.904:20): cwd="/home/tbl"
type=SYSCALL msg=audit(1134331229.904:20): arch=40000003 syscall=11
That's a fault in the execve syscall. This most likely means the binary
has a section which is executable and writable at the same time. This
really should never happen, it's a security nightmare. Would you want
an application which by its nature has to accept connections from all
over the net to have such a flaw?
Maybe you can post the output of
eu-readelf -l /usr/bin/skype
➧ Ulrich Drepper ➧ Red Hat, Inc. ➧ 444 Castro St ➧ Mountain View, CA ❖