When I run BC3 (3.3.8 build 16360) on Fedora19 with Cinnamon, this is what I get (also the extension on Nemo does not work).
SELinux is preventing /usr/lib/beyondcompare/BCompare from mmap_zero access on the memprotect .
***** Plugin mmap_zero (53.1 confidence) suggests **************************
If you do not think /usr/lib/beyondcompare/BCompare should need to mmap low memory in the kernel.
Then you may be under attack by a hacker, this is a very dangerous access.
Do
contact your security administrator and report this issue.
***** Plugin catchall_boolean (42.6 confidence) suggests *******************
If you want to control the ability to mmap a low area of the address space, as configured by /proc/sys/kernel/mmap_min_addr.
Then you must tell SELinux about this by enabling the 'mmap_low_allowed' boolean.
You can read 'unconfined_selinux' man page for more details.
Do
setsebool -P mmap_low_allowed 1
***** Plugin catchall (5.76 confidence) suggests ***************************
If you believe that BCompare should be allowed mmap_zero access on the memprotect by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# grep BCompare /var/log/audit/audit.log | audit2allow -M mypol
# semodule -i mypol.pp
Additional Information:
Source Context unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1
023
Target Context unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1
023
Target Objects [ memprotect ]
Source BCompare
Source Path /usr/lib/beyondcompare/BCompare
Port <Unknown>
Host localhost.localdomain
Source RPM Packages bcompare-3.3.8-16340.i386
Target RPM Packages
Policy RPM selinux-policy-3.12.1-73.fc19.noarch
Selinux Enabled True
Policy Type targeted
Enforcing Mode Enforcing
Host Name localhost.localdomain
Platform Linux localhost.localdomain 3.10.9-200.fc19.x86_64
#1 SMP Wed Aug 21 19:27:58 UTC 2013 x86_64 x86_64
Alert Count 2
First Seen 2013-09-04 13:00:29 MDT
Last Seen 2013-09-04 13:19:42 MDT
Local ID 30550716-593d-4a35-af25-a62d783c27d6
Raw Audit Messages
type=AVC msg=audit(1378322382.485:2700): avc: denied { mmap_zero } for pid=28739 comm="BCompare" scontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=memprotect
type=SYSCALL msg=audit(1378322382.485:2700): arch=i386 syscall=lgetxattr per=400000 success=no exit=EACCES a0=0 a1=ffff a2=0 a3=32 items=0 ppid=28728 pid=28739 auid=1000 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1000 ses=204 tty=(none) comm=BCompare exe=/usr/lib/beyondcompare/BCompare subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 key=(null)
Hash: BCompare,unconfined_t,unconfined_t,memprotect,mmap _zero
SELinux is preventing /usr/lib/beyondcompare/BCompare from mmap_zero access on the memprotect .
***** Plugin mmap_zero (53.1 confidence) suggests **************************
If you do not think /usr/lib/beyondcompare/BCompare should need to mmap low memory in the kernel.
Then you may be under attack by a hacker, this is a very dangerous access.
Do
contact your security administrator and report this issue.
***** Plugin catchall_boolean (42.6 confidence) suggests *******************
If you want to control the ability to mmap a low area of the address space, as configured by /proc/sys/kernel/mmap_min_addr.
Then you must tell SELinux about this by enabling the 'mmap_low_allowed' boolean.
You can read 'unconfined_selinux' man page for more details.
Do
setsebool -P mmap_low_allowed 1
***** Plugin catchall (5.76 confidence) suggests ***************************
If you believe that BCompare should be allowed mmap_zero access on the memprotect by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# grep BCompare /var/log/audit/audit.log | audit2allow -M mypol
# semodule -i mypol.pp
Additional Information:
Source Context unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1
023
Target Context unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1
023
Target Objects [ memprotect ]
Source BCompare
Source Path /usr/lib/beyondcompare/BCompare
Port <Unknown>
Host localhost.localdomain
Source RPM Packages bcompare-3.3.8-16340.i386
Target RPM Packages
Policy RPM selinux-policy-3.12.1-73.fc19.noarch
Selinux Enabled True
Policy Type targeted
Enforcing Mode Enforcing
Host Name localhost.localdomain
Platform Linux localhost.localdomain 3.10.9-200.fc19.x86_64
#1 SMP Wed Aug 21 19:27:58 UTC 2013 x86_64 x86_64
Alert Count 2
First Seen 2013-09-04 13:00:29 MDT
Last Seen 2013-09-04 13:19:42 MDT
Local ID 30550716-593d-4a35-af25-a62d783c27d6
Raw Audit Messages
type=AVC msg=audit(1378322382.485:2700): avc: denied { mmap_zero } for pid=28739 comm="BCompare" scontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=memprotect
type=SYSCALL msg=audit(1378322382.485:2700): arch=i386 syscall=lgetxattr per=400000 success=no exit=EACCES a0=0 a1=ffff a2=0 a3=32 items=0 ppid=28728 pid=28739 auid=1000 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1000 ses=204 tty=(none) comm=BCompare exe=/usr/lib/beyondcompare/BCompare subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 key=(null)
Hash: BCompare,unconfined_t,unconfined_t,memprotect,mmap _zero
Comment