Selinux attacks acroread again
Paul Smith
phhs80 at gmail.com
Thu Apr 13 12:03:35 UTC 2006
On 4/13/06, Paul Howarth <paul at city-fan.org> wrote:
> Try:
>
> # grep -F 'avc: denied' /var/log/audit/audit.log /var/log/messages
/var/log/messages:Apr 13 13:00:39 localhost kernel:
audit(1144929639.666:42): avc: denied { execmod } for pid=6312
comm="acroread" name="libCoolType.so.5.01" dev=dm-0 ino=8258016
scontext=user_u:system_r:unconfined_t:s0
tcontext=system_u:object_r:lib_t:s0 tclass=file
/var/log/messages:Apr 13 13:00:54 localhost kernel:
audit(1144929654.489:43): avc: denied { execmod } for pid=6385
comm="acroread" name="libcrypto.so.0.9.6" dev=dm-0 ino=8258037
scontext=user_u:system_r:unconfined_t:s0
tcontext=system_u:object_r:lib_t:s0 tclass=file
Paul
More information about the users
mailing list