| Server IP : 172.24.0.40 / Your IP : 216.73.216.10 Web Server : Apache System : Linux dbweb26.ust.edu.ph 4.18.0-513.5.1.el8_9.x86_64 #1 SMP Fri Sep 29 05:21:10 EDT 2023 x86_64 User : apache ( 48) PHP Version : 8.2.18 Disable Function : NONE MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : OFF | Sudo : ON | Pkexec : ON Directory : /usr/share/setroubleshoot/plugins/__pycache__/ |
Upload File : |
3
�wTaH
������������������@���sT���d�dl�Z�d�dlT�d�dlZejddd�ZejZd�dlT�d�dlmZ�G�dd��de�ZdS�) �����N)�*zsetroubleshoot-pluginsT)Zfallback)�Pluginc���������������@���sd���e�Zd�Zed�Zed�ZdZdZdZdZ dZ
dZ
d d
��Z
d
d
��Z
d
d��Zdd��Zdd��Zdd��ZdS�)�pluginzX
SELinux is preventing $SOURCE_PATH from creating an executable memory mapping.
a���
The $SOURCE application attempted to create an anonymous executable memory mapping,
or a writable executable file mapping. This is a potential security problem. Most
applications do not need this permission. The
<a href="http://people.redhat.com/drepper/selinux-mem.html">SELinux Memory Protection Tests</a>
web page explains why SELinux intervened and how to work around it if needed.
z6If this issue occurred during normal system operation.zIThis alert could be a serious issue and your system could be compromised.z9Contact your security administrator and report this issuez�If you know why $SOURCE needs to map a memory region that is both executable and writable and understand that this is a potential security problem.zFYou can allow the mapping by switching one of the following booleans: zuFollow the advice of the catchall_boolean plugin, otherwise contact your security administrator and report this issuec�������������C���s���|�j�S�)N)�problem_description)�self�avc�args��r ����2/usr/share/setroubleshoot/plugins/allow_execmem.py�get_problem_description5���s����z
plugin.get_problem_descriptionc�������������C���s���t�|�dkr|�jS�|�jS�)Nr���)�len�if_text�unsafe_if_text)r���r���r���r ���r ���r
����
get_if_text8���s����
zplugin.get_if_textc�������������C���s"���t�|�dkr
|�jdj|��S�|�jS�)Nr���z, )r
���� then_text�join�unsafe_then_text)r���r���r���r ���r ���r
����
get_then_text=���s����
zplugin.get_then_textc�������������C���s���t�|�dkr|�jS�|�jS�)Nr���)r
����do_text�unsafe_do_text)r���r���r���r ���r ���r
����
get_do_textB���s����
zplugin.get_do_textc�������������C���s&���t�j|�t��d|�_d|�_|�jd��d�S�)NFT�
���)r����__init__�__name__ZfixableZ
report_bugZ
set_priority)r���r ���r ���r
���r���G���s����
zplugin.__init__c�������������C���sD���dd�l�}|jdg�r@t|j�dkr8|�jdd��|jD���S�|�j��S�d�S�)Nr���Zexecmemc�������������S���s���g�|�]
}|d���qS�)r���r ���)�.0�br ���r ���r
����
<listcomp>R���s����z"plugin.analyze.<locals>.<listcomp>)�
subprocessZhas_any_access_inr
���ZboolsZreport)r���r���r
���r ���r ���r
����analyzeM���s
����
zplugin.analyzeN)r����
__module__�
__qualname__�_Zsummaryr���r���r���r���r
���r���r���r
���r���r���r���r���r
���r ���r ���r ���r
���r���
���s ���r���) Zselinux�stat�gettextZ
translationr!���Zsetroubleshoot.utilZsetroubleshoot.Pluginr���r���r ���r ���r ���r
����<module>���s���