[wellylug] SELinux Security Alerts with Google Webmail (not with TelstraClear Webmail)
marchetti
marchetti at clear.net.nz
Fri Apr 23 22:20:26 NZST 2010
Every time I log on to my Google account I get this. Not so
with Clear.net.NZ webmail.
Summary:
SELinux is preventing chrome "open" access on
/opt/google/chrome/chrome.pak.
Detailed Description:
SELinux denied access requested by chrome. It is not
expected that this access
is required by chrome and this access may signal an
intrusion attempt. It is
also possible that the specific version or configuration of
the application is
causing it to require additional access.
Allowing Access:
You can generate a local policy module to allow this access
- see FAQ
(http://docs.fedoraproject.org/selinux-faq-fc5/#id2961385)
Please file a bug
report.
Additional Information:
Source Context
unconfined_u:unconfined_r:chrome_sandbox_t:s0-s0:c
0.c1023
Target Context system_u:object_r:usr_t:s0
Target Objects /opt/google/chrome/chrome.pak
[ file ]
Source chrome
Source Path chrome
Port <Unknown>
Host (removed)
Source RPM Packages
Target RPM Packages
google-chrome-beta-5.0.342.9-43360
Policy RPM selinux-policy-3.6.32-110.fc12
Selinux Enabled True
Policy Type targeted
Enforcing Mode Enforcing
Plugin Name catchall
Host Name (removed)
Platform Linux (removed)
2.6.32.11-99.fc12.i686 #1 SMP Mon
Apr 5 16:32:08 EDT 2010 i686
i686
Alert Count 1
First Seen Fri 23 Apr 2010 09:44:02 PM
NZST
Last Seen Fri 23 Apr 2010 09:44:02 PM
NZST
Local ID
0c851217-29e6-4fbe-89c6-cc66d39eb9e5
Line Numbers
Raw Audit Messages
node=(removed) type=AVC msg=audit(1272015842.451:21):
avc:
denied { open } for pid=2309 comm="chrome"
name="chrome.pak" dev=dm-0 ino=262517
scontext=unconfined_u:unconfined_r:chrome_sandbox_t:s0-s0:c0
c1023 tcontext=system_u:object_r:usr_t:s0 tclass=file
Do I have a security problem? Or should I generate a local
policy module to allow access?
More information about the wellylug
mailing list