Red Hat Bugzilla – Bug 235725
In LSPP configuration /var/log/messages is SystemLow
Last modified: 2009-06-19 12:36:13 EDT
Description of problem: In LSPP configuration /var/log/messages is SystemLow.
Since SystemHigh data can be logged, this allows SystemHigh to SystemLow data flow.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
sgrubb: Shouldn't all /var/log contents be at SystemHigh?
Joe Nall: You're either allowing writedowns, or cannot log above SystemLow.
Linda Knippers: There is support for the log being a trusted object. Is the
issue just the level of the log file?
Chad Hanson: Would you want syslogd to run at SystemHigh as well?
Fixed in selinux-policy-2.4.6-53.el5
Joe, any way you can you verify that this is fixed in the updated package?
I verified this is fixed in the 55 policy.
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.