execmem

Jason Dravet dravet at hotmail.com
Wed Jan 11 20:58:27 UTC 2006


> >https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=175487  see
> >http://bugzilla.gnome.org/show_bug.cgi?id=324730 for details about this.
>
>Reading this...I wonder if it was solved by:
>https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=177121
>
>In that one the dynamic loader was the problem. If you cannot reproduce the bugs,
>I'd close them since they may have been solved by the above bug. If you get a
>recurrence of the bug, re-open it and try to get an strace of the program when
>you know that it is generating the entry. The strace might let us figure out
>where in the code to start looking.

Since this one is fixed I will close it.

> >and https://bugzilla.mozilla.org/show_bug.cgi?id=319913
>
>Not 100% sure on this either. If it's gone...I'd say handle it like the above.

It works, but my audit.log is full of:
type=AVC msg=audit(1137011293.241:40): avc:  granted  { execmem } for  pid=2260 comm="firefox-bin" scontext=root:system_r:unconfined_t:s0-s0:c0.c255 tcontext=root:system_r:unconfined_t:s0-s0:c0.c255 tclass=process
type=SYSCALL msg=audit(1137011293.241:40): arch=40000003 syscall=192 success=yes exit=134627328 a0=0 a1=a01000 a2=7 a3=22 items=0 pid=2260 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="firefox-bin" exe="/usr/lib/firefox-1.5/firefox-bin"
type=AVC msg=audit(1137011293.241:41): avc:  granted  { execmem } for  pid=2260 comm="firefox-bin" scontext=root:system_r:unconfined_t:s0-s0:c0.c255 tcontext=root:system_r:unconfined_t:s0-s0:c0.c255 tclass=process
type=SYSCALL msg=audit(1137011293.241:41): arch=40000003 syscall=192 success=yes exit=145117184 a0=0 a1=a01000 a2=7 a3=22 items=0 pid=2260 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="firefox-bin" exe="/usr/lib/firefox-1.5/firefox-bin"
type=AVC msg=audit(1137012359.833:42): avc:  granted  { execmem } for  pid=2260 comm="firefox-bin" scontext=root:system_r:unconfined_t:s0-s0:c0.c255 tcontext=root:system_r:unconfined_t:s0-s0:c0.c255 tclass=process
type=SYSCALL msg=audit(1137012359.833:42): arch=40000003 syscall=192 success=no exit=-1257865216 a0=0 a1=a01000 a2=7 a3=22 items=0 pid=2260 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="firefox-bin" exe="/usr/lib/firefox-1.5/firefox-bin"

It would be nice if there was a human readable time and date to help group 
messages together.  Right now I have no idea where one reboot ends and the 
next begins.  But I am getting off topic.
Which would be better: silencing the AVC messages or having Mozilla fix the 
execmem issues?  If you think this should be fixed by Mozilla then please 
add yourself to the https://bugzilla.mozilla.org/show_bug.cgi?id=319913 bug 
so it can be confirmed and they will hopefully work on it.

Thanks,
Jason
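
Added example (not part of the original post): a small parser that pairs each AVC record with its SYSCALL record by the audit(seconds.millis:serial) stamp, prints the stamp as a UTC date and time, and decodes the mmap2 arguments that caused the execmem check. The function names and the SAMPLE constant are made up for this example; the log lines are taken from the post with the line wraps removed.

```python
import re
from datetime import datetime, timezone

# Constructed input: the first and third AVC/SYSCALL pairs from the post above,
# with the mail client's line wraps removed.
SAMPLE = """\
type=AVC msg=audit(1137011293.241:40): avc:  granted  { execmem } for  pid=2260 comm="firefox-bin" scontext=root:system_r:unconfined_t:s0-s0:c0.c255 tcontext=root:system_r:unconfined_t:s0-s0:c0.c255 tclass=process
type=SYSCALL msg=audit(1137011293.241:40): arch=40000003 syscall=192 success=yes exit=134627328 a0=0 a1=a01000 a2=7 a3=22 items=0 pid=2260 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="firefox-bin" exe="/usr/lib/firefox-1.5/firefox-bin"
type=AVC msg=audit(1137012359.833:42): avc:  granted  { execmem } for  pid=2260 comm="firefox-bin" scontext=root:system_r:unconfined_t:s0-s0:c0.c255 tcontext=root:system_r:unconfined_t:s0-s0:c0.c255 tclass=process
type=SYSCALL msg=audit(1137012359.833:42): arch=40000003 syscall=192 success=no exit=-1257865216 a0=0 a1=a01000 a2=7 a3=22 items=0 pid=2260 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="firefox-bin" exe="/usr/lib/firefox-1.5/firefox-bin"
"""

HEADER = re.compile(r"type=(\w+) msg=audit\((\d+)\.\d+:(\d+)\):")
FIELD = re.compile(r'(\w+)=("[^"]*"|\S+)')
PROT = {0x1: "PROT_READ", 0x2: "PROT_WRITE", 0x4: "PROT_EXEC"}
MAP = {0x02: "MAP_PRIVATE", 0x20: "MAP_ANONYMOUS"}

def flag_names(value, table):
    """Render a bitmask as the names of the bits that are set."""
    return "|".join(name for bit, name in table.items() if value & bit)

def summarize(log_text):
    """Group records by (timestamp, serial) and decode i386 mmap2 arguments."""
    events = {}
    for line in log_text.splitlines():
        head = HEADER.match(line)
        if not head:
            continue
        rtype, secs, serial = head.group(1), int(head.group(2)), int(head.group(3))
        when = datetime.fromtimestamp(secs, timezone.utc).strftime("%Y-%m-%d %H:%M:%S UTC")
        ev = events.setdefault((secs, serial), {"time": when, "serial": serial})
        fields = dict(FIELD.findall(line))
        if rtype == "AVC":
            ev["perms"] = re.search(r"\{ ([^}]*) \}", line).group(1).split()
            ev["comm"] = fields["comm"].strip('"')
        elif rtype == "SYSCALL":
            ev["success"] = fields["success"]
            # arch=40000003 is AUDIT_ARCH_I386, where syscall 192 is mmap2;
            # a0..a3 are logged in hex.
            if (fields["arch"], fields["syscall"]) == ("40000003", "192"):
                ev["call"] = "mmap2"
                ev["length"] = int(fields["a1"], 16)
                ev["prot"] = flag_names(int(fields["a2"], 16), PROT)
                ev["flags"] = flag_names(int(fields["a3"], 16), MAP)
    return [events[key] for key in sorted(events)]

if __name__ == "__main__":
    for ev in summarize(SAMPLE):
        print(ev)
```

Each event here is an anonymous private mapping of 0xa01000 bytes requested readable, writable and executable at once, which is the request the execmem permission is checked on.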




