On Wed 28 July 2010 02:38:24 Ankur Sinha wrote: > hi, > > I've recently come across an selinux issue. > > Is this another selinux issue with the package? The detailed description says exactly why the notice came up, dude. It's not an SElinux issue, it's a windows-applications-trying-to-do-stupid-things-with- memory-that-is-barely-okay-in-windows issue. > (I don't want to switch off selinux.) > > regards, > Ankur > > > Summary: > > > > SELinux has prevented wine from performing an unsafe memory operation. > > > > Detailed Description: > > > > SELinux denied an operation requested by wine-preloader, a program used > > to run Windows applications under Linux. This program is known to use an > > unsafe operation on system memory but so are a number of malware/exploit > > programs which masquerade as wine. If you were attempting to run a > > Windows program your only choices are to allow this operation and reduce > > your system security against such malware or to refrain from running > > Windows applications under Linux. If you were not attempting to run a > > Windows application this indicates you are likely being attacked by some > > for of malware or program trying to exploit your system for nefarious > > purposes. Please refer to > > http://wiki.winehq.org/PreloaderPageZeroProblem Which outlines the other > > problems wine encounters due to its unsafe use of memory and solutions to > > those problems. > > > > Allowing Access: > > > > If you decide to continue to run the program in question you will need to > > allow this operation. This can be done on the command line by executing: > > # setsebool -P mmap_low_allowed 1 > > > > Fix Command: > > > > /usr/sbin/setsebool -P mmap_low_allowed 1 > > > > Additional Information: > > > > Source Context > > unconfined_u:unconfined_r:wine_t:s0-s0:c0.c1023 Target Context > > unconfined_u:unconfined_r:wine_t:s0-s0:c0.c1023 Target Objects > > None [ memprotect ] > > Source wine-preloader > > Source Path /usr/bin/wine-preloader > > Port <Unknown> > > Host localhost.localdomain > > Source RPM Packages wine-core-1.2.0-1.fc13 > > Target RPM Packages > > Policy RPM selinux-policy-3.7.19-39.fc13 > > Selinux Enabled True > > Policy Type targeted > > Enforcing Mode Enforcing > > Plugin Name wine > > Host Name localhost.localdomain > > Platform Linux localhost.localdomain > > > > 2.6.33.6-147.fc13.x86_64 #1 SMP Tue Jul 6 > > 22:32:17 UTC 2010 x86_64 x86_64 > > > > Alert Count 7 > > First Seen Wed 28 Jul 2010 14:52:13 IST > > Last Seen Wed 28 Jul 2010 15:05:01 IST > > Local ID 31ffc502-0121-44b8-8cf1-5e02ad32fca1 > > Line Numbers > > > > Raw Audit Messages > > > > node=localhost.localdomain type=AVC msg=audit(1280309701.355:60): avc: > > denied { mmap_zero } for pid=11268 comm="wine-preloader" > > scontext=unconfined_u:unconfined_r:wine_t:s0-s0:c0.c1023 > > tcontext=unconfined_u:unconfined_r:wine_t:s0-s0:c0.c1023 > > tclass=memprotect > > > > node=localhost.localdomain type=SYSCALL msg=audit(1280309701.355:60): > > arch=40000003 syscall=90 success=no exit=-13 a0=ffe19130 a1=0 > > a2=ffe19130 a3=5a items=0 ppid=11109 pid=11268 auid=500 uid=500 gid=500 > > euid=500 suid=500 fsuid=500 egid=500 sgid=500 fsgid=500 tty=(none) ses=1 > > comm="wine-preloader" exe="/usr/bin/wine-preloader" > > subj=unconfined_u:unconfined_r:wine_t:s0-s0:c0.c1023 key=(null) -- Ryan Rix == http://hackersramblings.wordpress.com | http://rix.si/ == == http://rix.si/page/contact/ if you need a word ==
Attachment:
signature.asc
Description: This is a digitally signed message part.
-- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
