SAP Knowledge Base Article - Preview

3287951 - Vulnerability scanner reports "Unconfined processes run in unconfined domains" when using SELinux - SAP ASE


  • Vulnerability scanner reports several SAP ASE HADR binaries as "Unconfined processes run in unconfined domains."
  • SAP processes are listed as unconfined process during VA Nessus Scan include:
    • saphostexec
    • sapstartsrv
    • saposcol
    • sapuxuserchk
    • sybdbfm_<ASE_NAME>



  • SAP Adaptive Server Enterprise (ASE) 16.0
    HADR including components:
    • Fault Manager
    • SAP Host Agent
  • Red Hat Enterprise Linux (RHEL)
    Security Enhanced Linux (SELinux) 


SAP Adaptive Server Enterprise 16.0 ; SAP Replication Server 16.0


KBA , BC-SYB-ASE , Sybase ASE Database Platform (non Business Suite) , BC-SYB-REP , Sybase Replication Server (standalone) , Problem

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.