-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Pedro Jose wrote:
Hello, I received this warning after installing totem-xine and run
this for the first time. I am concerned because the solution will
affect all applications on the system. (SELinux warning).
This is:
Resúmen:
SELinux is preventing totem from changing the access protection of memory on the
heap.
Descripción Detallada:
The totem application attempted to change the access protection of memory on the
heap (e.g., allocated using malloc). This is a potential security problem.
Applications should not be doing this. Applications are sometimes coded
incorrectly and request this permission. The SELinux Memory Protection Tests
(
http://people.redhat.com/drepper/selinux-mem.html) web page explains how to
remove this requirement. If totem does not work and you need it to work, you can
configure SELinux temporarily to allow this access until the application is
fixed. Please file a bug report
(
http://bugzilla.redhat.com/bugzilla/enter_bug.cgi) against this package.
Permitiendo Acceso:
If you want totem to continue, you must turn on the allow_execheap boolean.
Note: This boolean will affect all applications on the system.
El siguiente comando permitirá este acceso:
setsebool -P allow_execheap=1
Información Adicional:
Contexto Fuente system_u:system_r:unconfined_t:s0
Contexto Destino system_u:system_r:unconfined_t:s0
Objetos Destino None [ process ]
Source totem
Source Path /usr/bin/totem
Port <Desconocido>
Host localhost.localdomain
Source RPM Packages totem-xine-2.20.1-1.lvn8
Target RPM Packages
RPM de Políticas selinux-policy-3.0.8-93.fc8
SELinux Activado True
Tipo de Política targeted
MLS Activado True
Modo Obediente Enforcing
Nombre de Plugin allow_execheap
Nombre de Equipo localhost.localdomain
Plataforma Linux localhost.localdomain 2.6.24.3-34.fc8 #1 SMP
Wed Mar 12 18:17:20 EDT 2008 i686 i686
Cantidad de Alertas 2
First Seen lun 24 mar 2008 22:26:42 CET
Last Seen lun 24 mar 2008 22:26:42 CET
Local ID c06e8b85-a4b1-4b69-8672-76e95d189cf9
Números de Línea
Mensajes de Auditoría Crudos
host=localhost.localdomain type=AVC msg=audit(1206394002.429:87): avc:
denied { execheap } for pid=5071 comm="totem"
scontext=system_u:system_r:unconfined_t:s0
tcontext=system_u:system_r:unconfined_t:s0 tclass=process
host=localhost.localdomain type=SYSCALL msg=audit(1206394002.429:87):
arch=40000003 syscall=125 success=no exit=-13 a0=808f000 a1=ad4000
a2=5 a3=bfe0eff0 items=0 ppid=1 pid=5071 auid=500 uid=500 gid=500
euid=500 suid=500 fsuid=500 egid=500 sgid=500 fsgid=500 tty=(none)
comm="totem" exe="/usr/bin/totem"
subj=system_u:system_r:unconfined_t:s0 key=(null)
How can I do?
Thanks
You are trying to run a program that is doing something dangerous. I am
pretty sure this is caused by a badly coded codec. You can either not
run the codec, or execute
# setsebool -P allow_execheap 1
Like the message told you.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora -
http://enigmail.mozdev.org
iEYEARECAAYFAkfueCEACgkQrlYvE4MpobNhfwCbBRzkqtUp/2+6CkCuO6UWCKtl
StwAoOu+Ozzr7UPoFzGUgTwXAHsUXbzV
=m16G
-----END PGP SIGNATURE-----