selinux issue with wine

Ankur Sinha sanjay.ankur at gmail.com
Wed Jul 28 09:38:24 UTC 2010 

hi,

I've recently come across an selinux issue.

Is this another selinux issue with the package? 

(I don't want to switch off selinux.)

regards,
Ankur


> 
> Summary:
> 
> SELinux has prevented wine from performing an unsafe memory operation.
> 
> Detailed Description:
> 
> SELinux denied an operation requested by wine-preloader, a program used to run
> Windows applications under Linux. This program is known to use an unsafe
> operation on system memory but so are a number of malware/exploit programs which
> masquerade as wine. If you were attempting to run a Windows program your only
> choices are to allow this operation and reduce your system security against such
> malware or to refrain from running Windows applications under Linux. If you were
> not attempting to run a Windows application this indicates you are likely being
> attacked by some for of malware or program trying to exploit your system for
> nefarious purposes. Please refer to
> http://wiki.winehq.org/PreloaderPageZeroProblem Which outlines the other
> problems wine encounters due to its unsafe use of memory and solutions to those
> problems.
> 
> Allowing Access:
> 
> If you decide to continue to run the program in question you will need to allow
> this operation. This can be done on the command line by executing: # setsebool
> -P mmap_low_allowed 1
> 
> Fix Command:
> 
> /usr/sbin/setsebool -P mmap_low_allowed 1
> 
> Additional Information:
> 
> Source Context                unconfined_u:unconfined_r:wine_t:s0-s0:c0.c1023
> Target Context                unconfined_u:unconfined_r:wine_t:s0-s0:c0.c1023
> Target Objects                None [ memprotect ]
> Source                        wine-preloader
> Source Path                   /usr/bin/wine-preloader
> Port                          <Unknown>
> Host                          localhost.localdomain
> Source RPM Packages           wine-core-1.2.0-1.fc13
> Target RPM Packages           
> Policy RPM                    selinux-policy-3.7.19-39.fc13
> Selinux Enabled               True
> Policy Type                   targeted
> Enforcing Mode                Enforcing
> Plugin Name                   wine
> Host Name                     localhost.localdomain
> Platform                      Linux localhost.localdomain
>                               2.6.33.6-147.fc13.x86_64 #1 SMP Tue Jul 6 22:32:17
>                               UTC 2010 x86_64 x86_64
> Alert Count                   7
> First Seen                    Wed 28 Jul 2010 14:52:13 IST
> Last Seen                     Wed 28 Jul 2010 15:05:01 IST
> Local ID                      31ffc502-0121-44b8-8cf1-5e02ad32fca1
> Line Numbers                  
> 
> Raw Audit Messages            
> 
> node=localhost.localdomain type=AVC msg=audit(1280309701.355:60): avc:  denied  { mmap_zero } for  pid=11268 comm="wine-preloader" scontext=unconfined_u:unconfined_r:wine_t:s0-s0:c0.c1023 tcontext=unconfined_u:unconfined_r:wine_t:s0-s0:c0.c1023 tclass=memprotect
> 
> node=localhost.localdomain type=SYSCALL msg=audit(1280309701.355:60): arch=40000003 syscall=90 success=no exit=-13 a0=ffe19130 a1=0 a2=ffe19130 a3=5a items=0 ppid=11109 pid=11268 auid=500 uid=500 gid=500 euid=500 suid=500 fsuid=500 egid=500 sgid=500 fsgid=500 tty=(none) ses=1 comm="wine-preloader" exe="/usr/bin/wine-preloader" subj=unconfined_u:unconfined_r:wine_t:s0-s0:c0.c1023 key=(null)
> 
>

More information about the devel mailing list