Description of problem:
In LSPP configuration /var/log/messages is SystemLow. Since SystemHigh data can be logged, this allows SystemHigh to SystemLow data flow.
Version-Release number of selected component (if applicable):
How reproducible:
Steps to Reproduce:
1.
2.
3.
Actual results:
Expected results:
Additional info:
sgrubb: Shouldn't all /var/log contents be at SystemHigh?
Joe Nall: You're either allowing writedowns, or cannot log above SystemLow.
Linda Knippers: There is support for the log being a trusted object. Is the issue just the level of the log file?
Chad Hanson: Would you want syslogd to run at SystemHigh as well?
Fixed in selinux-policy-2.4.6-53.el5
Joe, any way you can verify that this is fixed in the updated package?
I verified this is fixed in the 55 policy.
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHBA-2007-0544.html