SELinux bug or real security issue?

Status: RESOLVED INCOMPLETE
Product: Firefox (Untriaged)
Reporter: Alexander Ploumistos
Assignee: Unassigned
Version: 50 Branch
Hardware: x86_64
OS: Linux

Description

2 years ago
User Agent: Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:50.0) Gecko/20100101 Firefox/50.0
Build ID: 20161130084405

Steps to reproduce:

A few months ago, I enabled e10s in Firefox (48, I think), on a number of Fedora 23 & 24 installations. Pretty soon, I started seeing SELinux alerts stating "SELinux is preventing 57656220436F6E74656E74 from 'create' accesses on the rawip_socket Unknown.".
(see bugs
https://bugzilla.redhat.com/show_bug.cgi?id=1275961
https://bugzilla.redhat.com/show_bug.cgi?id=1230052
)
As I've mentioned in RHBZ#1275961, these warnings appeared almost on every visit to www.merriam-webster.com and on a few other sites with ad rotators, such as Ars Technica. In the latter cases, the warnings popped up as soon as a particular ad came into view. I haven't been able to pinpoint the ads in question, though.

The latest selinux-policy update (selinux-policy-3.13.1-225.3.fc25) does not audit the creation of rawip sockets any more, so the messages are gone:
http://pkgs.fedoraproject.org/cgit/rpms/selinux-policy.git/commit/?id=6319c499e49abffa7520a40a11c30851eab9425f
(++dontaudit mozilla_plugin_t self:rawip_socket create_socket_perms;)

I couldn't find a similar issue in BMO so I had to ask: was this indeed a SELinux bug or could it be something else?
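Added example, not part of the original report or of any Mozilla or Fedora code: the alert's subject, 57656220436F6E74656E74, is a hex-encoded process name, which the audit subsystem emits when the name contains a space; it decodes to "Web Content". The sketch below decodes such fields and picks out `rawip_socket` create denials; the log lines are constructed samples in auditd's AVC format, and the function names are hypothetical.

```python
import re

# Constructed sample records in auditd's AVC format (not taken from the bug report).
SAMPLE_LOG = (
    "type=AVC msg=audit(1480500000.123:456): avc:  denied  { create } for  pid=4321 "
    "comm=57656220436F6E74656E74 "
    "scontext=unconfined_u:unconfined_r:mozilla_plugin_t:s0-s0:c0.c1023 "
    "tcontext=unconfined_u:unconfined_r:mozilla_plugin_t:s0-s0:c0.c1023 "
    "tclass=rawip_socket permissive=0\n"
    "type=AVC msg=audit(1480500007.456:457): avc:  denied  { read } for  pid=4400 "
    'comm="firefox" name="example" dev="dm-0" ino=99 '
    "scontext=unconfined_u:unconfined_r:mozilla_plugin_t:s0 "
    "tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0\n"
)

AVC_RE = re.compile(r"avc:\s+denied\s+\{(?P<perms>[^}]*)\}\s+for\s+(?P<fields>.*)")
FIELD_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')
HEX_RE = re.compile(r"(?:[0-9A-Fa-f]{2})+")

def decode_audit_string(raw):
    """Audit quotes safe strings; names with spaces or control bytes are hex-encoded."""
    if raw.startswith('"') and raw.endswith('"'):
        return raw[1:-1]
    if HEX_RE.fullmatch(raw):
        return bytes.fromhex(raw).decode("utf-8", errors="replace")
    return raw

def parse_avc(line):
    """Return perms, decoded comm, source type and class of an AVC denial, else None."""
    m = AVC_RE.search(line)
    if not m:
        return None
    fields = dict(FIELD_RE.findall(m.group("fields")))
    scontext = fields.get("scontext", "")
    return {
        "perms": m.group("perms").split(),
        "comm": decode_audit_string(fields.get("comm", "")),
        # SELinux context layout is user:role:type:level
        "source_type": scontext.split(":")[2] if scontext.count(":") >= 2 else "",
        "tclass": fields.get("tclass", ""),
    }

def raw_socket_denials(log_text):
    """Return parsed denials where a domain tried to create a raw IP socket."""
    records = (parse_avc(line) for line in log_text.splitlines())
    return [r for r in records
            if r and r["tclass"] == "rawip_socket" and "create" in r["perms"]]

if __name__ == "__main__":
    for rec in raw_socket_denials(SAMPLE_LOG):
        print(rec)
```

With the `dontaudit` rule quoted above in the policy, these denials are still enforced but no longer written to the audit log; `semodule -DB` rebuilds the policy with dontaudit rules disabled when they need to be visible again, and `semodule -B` restores them.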
(Reporter)

Updated

2 years ago
OS: Unspecified → Linux
Hardware: Unspecified → x86_64

Comment 1

2 years ago
This sounds like a question for a forum or mailing list instead, as I neither see a bug report nor a feature request in this ticket...
(Reporter)

Comment 2

2 years ago
Is dev-security@lists.mozilla.org the right one for this?

Alexander, the above e-mailing list is the correct one. I shall close this bug as incomplete and you should move this question to the above e-mailing list.
Status: UNCONFIRMED → RESOLVED
Last Resolved: 2 years ago
Resolution: --- → INCOMPLETE