Bug 235725 - In LSPP configuration /var/log/messages is SystemLow
In LSPP configuration /var/log/messages is SystemLow
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: selinux-policy (Show other bugs)
All Linux
medium Severity medium
: ---
: ---
Assigned To: Daniel Walsh
: OtherQA
Depends On:
Blocks: RHEL5LSPPCertTracker
  Show dependency treegraph
Reported: 2007-04-09 15:56 EDT by Joe Nall
Modified: 2009-06-19 12:36 EDT (History)
4 users (show)

See Also:
Fixed In Version: RHBA-2007-0544
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2007-11-07 11:39:00 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Joe Nall 2007-04-09 15:56:31 EDT
Description of problem: In LSPP configuration /var/log/messages is SystemLow.
Since SystemHigh data can be logged, this allows SystemHigh to SystemLow data flow.

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
Actual results:

Expected results:

Additional info:
Comment 1 George C. Wilson 2007-04-09 16:56:01 EDT
sgrubb: Shouldn't all /var/log contents be at SystemHigh?
Comment 2 George C. Wilson 2007-04-09 17:00:56 EDT
Joe Nall: You're either allowing writedowns, or cannot log above SystemLow.

Linda Knippers: There is support for the log being a trusted object. Is the
issue just the level of the log file?

Chad Hanson: Would you want syslogd to run at SystemHigh as well?
Comment 3 Daniel Walsh 2007-04-10 14:11:28 EDT
Fixed in selinux-policy-2.4.6-53.el5
Comment 6 George C. Wilson 2007-04-11 20:05:52 EDT
Joe, any way you can you verify that this is fixed in the updated package?
Comment 7 George C. Wilson 2007-04-12 19:00:18 EDT
I verified this is fixed in the 55 policy.
Comment 11 errata-xmlrpc 2007-11-07 11:39:00 EST
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.


Note You need to log in before you can comment on or make changes to this bug.