I am learning Linux administration through experimentation and have run across a new area of in-expertise: SELinux, of which until recently I was barely aware. I was trying to install a Windows utility (,exe) used to communicate with a Canon digital camera, using the WINE installer, which I have successfully used to install other Windows apps.
In this instance WINE failed and an SELinux AVC Denial message appeared: wine-preloader had attempted mmap_zero and been denied. The troubleshoot dialog offered the option of modifying the policy settings to allow this but I didn’t opt for any until I understand the significance of the setting.
All in all it seems unwise to allow access to low memory - I understand the precaution - but mapping low memory t another location, which I think is what’s about to be happening here, doesn’t in itself seem to threaten the security to the system.
Or does it? Someone who understands this better is welcome to advise…
Thanks!
-CH-
P.S. I could and have installed the Windows app on a Windows machine but that is beside the point here; the point being understanding the Linux system better.