This one time, at band camp, Russell Coker said:
> type=AVC msg=audit(1278729355.797:22750): avc: denied { execmem } for
> pid=2649 comm="freshclam" scontext=system_u:system_r:freshclam_t:s0
> tcontext=system_u:system_r:freshclam_t:s0 tclass=process
> type=SYSCALL msg=audit(1278729355.797:22750): arch=c000003e syscall=9
> success=no exit=-13 a0=0 a1=1000 a2=7 a3=22 items=0 ppid=1 pid=2649
> auid=4294967295 uid=104 gid=108 euid=104 suid=104 fsuid=104 egid=108 sgid=108
> fsgid=108 tty=(none) ses=4294967295 comm="freshclam" exe="/usr/bin/freshclam"
> subj=system_u:system_r:freshclam_t:s0 key=(null)
>
> The above messages are logged when running this on a SE Linux system. It
> appears to work correctly anyway so it seems that the code has some fallback
> option for if execmem is denied.
>
> I can't think of a good reason for a program to have write/execute access to
> memory when all it does is download data from the network.I agree. Can you provide some help tracking it down? Cheers, -- ----------------------------------------------------------------- | ,''`. Stephen Gran | | : :' : [email protected] | | `. `' Debian user, admin, and developer | | `- http://www.debian.org | -----------------------------------------------------------------
signature.asc
Description: Digital signature
_______________________________________________ Pkg-clamav-devel mailing list [email protected] http://lists.alioth.debian.org/mailman/listinfo/pkg-clamav-devel
