selinux issue with wine
Ankur Sinha
sanjay.ankur at gmail.com
Wed Jul 28 09:38:24 UTC 2010
hi,
I've recently come across an selinux issue.
Is this another selinux issue with the package?
(I don't want to switch off selinux.)
regards,
Ankur
>
> Summary:
>
> SELinux has prevented wine from performing an unsafe memory operation.
>
> Detailed Description:
>
> SELinux denied an operation requested by wine-preloader, a program used to run
> Windows applications under Linux. This program is known to use an unsafe
> operation on system memory but so are a number of malware/exploit programs which
> masquerade as wine. If you were attempting to run a Windows program your only
> choices are to allow this operation and reduce your system security against such
> malware or to refrain from running Windows applications under Linux. If you were
> not attempting to run a Windows application this indicates you are likely being
> attacked by some for of malware or program trying to exploit your system for
> nefarious purposes. Please refer to
> http://wiki.winehq.org/PreloaderPageZeroProblem Which outlines the other
> problems wine encounters due to its unsafe use of memory and solutions to those
> problems.
>
> Allowing Access:
>
> If you decide to continue to run the program in question you will need to allow
> this operation. This can be done on the command line by executing: # setsebool
> -P mmap_low_allowed 1
>
> Fix Command:
>
> /usr/sbin/setsebool -P mmap_low_allowed 1
>
> Additional Information:
>
> Source Context unconfined_u:unconfined_r:wine_t:s0-s0:c0.c1023
> Target Context unconfined_u:unconfined_r:wine_t:s0-s0:c0.c1023
> Target Objects None [ memprotect ]
> Source wine-preloader
> Source Path /usr/bin/wine-preloader
> Port <Unknown>
> Host localhost.localdomain
> Source RPM Packages wine-core-1.2.0-1.fc13
> Target RPM Packages
> Policy RPM selinux-policy-3.7.19-39.fc13
> Selinux Enabled True
> Policy Type targeted
> Enforcing Mode Enforcing
> Plugin Name wine
> Host Name localhost.localdomain
> Platform Linux localhost.localdomain
> 2.6.33.6-147.fc13.x86_64 #1 SMP Tue Jul 6 22:32:17
> UTC 2010 x86_64 x86_64
> Alert Count 7
> First Seen Wed 28 Jul 2010 14:52:13 IST
> Last Seen Wed 28 Jul 2010 15:05:01 IST
> Local ID 31ffc502-0121-44b8-8cf1-5e02ad32fca1
> Line Numbers
>
> Raw Audit Messages
>
> node=localhost.localdomain type=AVC msg=audit(1280309701.355:60): avc: denied { mmap_zero } for pid=11268 comm="wine-preloader" scontext=unconfined_u:unconfined_r:wine_t:s0-s0:c0.c1023 tcontext=unconfined_u:unconfined_r:wine_t:s0-s0:c0.c1023 tclass=memprotect
>
> node=localhost.localdomain type=SYSCALL msg=audit(1280309701.355:60): arch=40000003 syscall=90 success=no exit=-13 a0=ffe19130 a1=0 a2=ffe19130 a3=5a items=0 ppid=11109 pid=11268 auid=500 uid=500 gid=500 euid=500 suid=500 fsuid=500 egid=500 sgid=500 fsgid=500 tty=(none) ses=1 comm="wine-preloader" exe="/usr/bin/wine-preloader" subj=unconfined_u:unconfined_r:wine_t:s0-s0:c0.c1023 key=(null)
>
>
More information about the devel
mailing list