Mozilla accessing java engine yield denials

Colin Walters walters at redhat.com
Fri Jul 9 20:33:39 UTC 2004


On Thu, 2004-06-17 at 07:43 -0400, Francis K Shim wrote:
> Edited to show relevant details more clearly:
> 
> denied { execute }
> 	exe=/bin/bash
> 	name=java
> 	scontext=user:staff_r:staff_mozilla_t 	tcontext=system_u:object_r:usr_t
> 	tclass=file

A quick fix may be to label the JVM with bin_t:

chcon -t bin_t /usr/java/blah/bin/java

> denied { search }
> 	exe=/usr/java/j2re1.4.2_01/bin/java
> 	name=vm
> 	scontext=user:staff_r:staff_mozilla_t
> 	tcontext=system_u:object_r:sysctl_vm_t
> 	tclass=dir

You can like likely just ignore this.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.fedoraproject.org/pipermail/selinux/attachments/20040709/851aad19/attachment.bin 


More information about the selinux mailing list