Mozilla accessing java engine yield denials

Daniel J Walsh dwalsh at redhat.com
Mon Jul 12 17:10:09 UTC 2004


Colin Walters wrote:

>On Thu, 2004-06-17 at 07:43 -0400, Francis K Shim wrote:
>  
>
>>Edited to show relevant details more clearly:
>>
>>denied { execute }
>>	exe=/bin/bash
>>	name=java
>>	scontext=user:staff_r:staff_mozilla_t 	tcontext=system_u:object_r:usr_t
>>	tclass=file
>>    
>>
>
>A quick fix may be to label the JVM with bin_t:
>
>chcon -t bin_t /usr/java/blah/bin/java
>
>  
>
It should have had this label.  What was the label on the java 
executable?  What is the path?

>>denied { search }
>>	exe=/usr/java/j2re1.4.2_01/bin/java
>>	name=vm
>>	scontext=user:staff_r:staff_mozilla_t
>>	tcontext=system_u:object_r:sysctl_vm_t
>>	tclass=dir
>>    
>>
>
>You can like likely just ignore this.
>
>  
>
>------------------------------------------------------------------------
>
>--
>fedora-selinux-list mailing list
>fedora-selinux-list at redhat.com
>http://www.redhat.com/mailman/listinfo/fedora-selinux-list
>  
>




More information about the selinux mailing list