Warsaw (plugin) for acessing banking account

Support for security such as Firewalls and securing linux
Post Reply
frbelotto
Posts: 2
Joined: 2021/09/07 00:31:07

Warsaw (plugin) for acessing banking account

Post by frbelotto » 2021/09/07 00:44:59

Guys,
First of all, sorry to bother with a stupid question (at least it seens to...). (and sorry for spelling mistakes too!)

I am new to linux and I choose CentOs as an option. Everithing is running smoothly and nice, except acessing my bank account.

To acess my bank account I must use an installed plugin called Warzsaw (https://www.topaz.com.br/ofd/warsaw.php)

I was able to download and install it. At the first time I use, it works nice.

A few seconeds later I start to get some security warnings and the plugin is not allowed to run anymore.

I know I should do some kind of custom app policy, but I don´t know how to do It (at least not to crash my hole system!)



*********************************************************************************************************************************************************************

"SELinux is preventing /usr/lib/systemd/systemd from 'execute' accesses on the file core.

***** Plugin catchall (100. confidence) suggests **************************

If you believe that systemd should be allowed execute access on the core file by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# ausearch -c '(core)' --raw | audit2allow -M my-core
# semodule -X 300 -i my-core.pp

Additional Information:
Source Context system_u:system_r:init_t:s0
Target Context system_u:object_r:tmp_t:s0
Target Objects core [ file ]
Source (core)
Source Path /usr/lib/systemd/systemd
Port <Unknown>
Host (removed)
Source RPM Packages systemd-239-50.el8.x86_64
Target RPM Packages
SELinux Policy RPM selinux-policy-targeted-3.14.3-79.el8.noarch
Local Policy RPM selinux-policy-targeted-3.14.3-79.el8.noarch
Selinux Enabled True
Policy Type targeted
Enforcing Mode Enforcing
Host Name (removed)
Platform Linux (removed) 4.18.0-338.el8.x86_64 #1 SMP Fri
Aug 27 17:32:14 UTC 2021 x86_64 x86_64
Alert Count 463
First Seen 2021-09-06 20:59:46 -03
Last Seen 2021-09-06 21:42:15 -03
Local ID f0c14293-ab67-4e3b-bb94-6949f26099f4

Raw Audit Messages
type=AVC msg=audit(1630975335.929:2091): avc: denied { execute } for pid=17338 comm="(core)" name="core" dev="dm-0" ino=20513730 scontext=system_u:system_r:init_t:s0 tcontext=system_u:object_r:tmp_t:s0 tclass=file permissive=0


type=SYSCALL msg=audit(1630975335.929:2091): arch=x86_64 syscall=execve success=no exit=EACCES a0=557fc67d6440 a1=557fc69402e0 a2=557fc69945d0 a3=1 items=0 ppid=1 pid=17338 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm=(core) exe=/usr/lib/systemd/systemd subj=system_u:system_r:init_t:s0 key=(null)

Hash: (core),init_t,tmp_t,file,execute
"

scottro
Forum Moderator
Posts: 2556
Joined: 2007/09/03 21:18:09
Location: NYC
Contact:

Re: Warsaw (plugin) for acessing banking account

Post by scottro » 2021/09/07 12:59:46

It tells you what to do in the error message.

Code: Select all

You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# ausearch -c '(core)' --raw | audit2allow -M my-core
# semodule -X 300 -i my-core.pp
See
https://wiki.centos.org/HowTos/SELinux# ... udit2allow
New users should check the FAQ and Read Me First pages

User avatar
TrevorH
Site Admin
Posts: 33202
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: Warsaw (plugin) for acessing banking account

Post by TrevorH » 2021/09/07 13:30:31

Though that's a symptom not the cause. It wouldn't be trying to read a core file if it wasn't also crashing and creating a core dump?
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke

frbelotto
Posts: 2
Joined: 2021/09/07 00:31:07

Re: Warsaw (plugin) for acessing banking account

Post by frbelotto » 2021/09/07 14:14:59

scottro wrote:
2021/09/07 12:59:46
It tells you what to do in the error message.

Code: Select all

You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# ausearch -c '(core)' --raw | audit2allow -M my-core
# semodule -X 300 -i my-core.pp
See
https://wiki.centos.org/HowTos/SELinux# ... udit2allow

Thanks, I will try that.
I knew It suggested the commands to be used, but I thought I should use it on a terminal and, off course, didn´t solve.

User avatar
TrevorH
Site Admin
Posts: 33202
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: Warsaw (plugin) for acessing banking account

Post by TrevorH » 2021/09/07 15:15:17

A core file is something that is produced by the system when a crash occurs. The fact that it is trying to access it probably means the thing you're trying to run has crashed and the AVC denial is part of that crash not whatever it is that is stopping you from running the plugin. Perhaps read your other logs and see if there is more info there.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke

Post Reply