On Monday, June 06, 2011 07:22:43 PM Pablo Neira Ayuso wrote: > On 06/06/11 15:10, Mr Dash Four wrote: > >> Exactly my point. There is no leak if its text or numeric. > > > > No, there is no leak if it is a text, but there *is* a leak if it is a > > numeric. I think I've made that quite clear. > > We don't use numeric secmark anymore in nf_conntrack. Not very familiar > with SELinux, but I remember that the convention was not to provide > internal numeric values.
All of the audit system records the numbers if conversion fails. We want it as forensic evidence or troubleshooting information as the case may be. -Steve -- Linux-audit mailing list [email protected] https://www.redhat.com/mailman/listinfo/linux-audit
