bus/selinux: Fix audit message types. (!173) · Merge requests · dbus / dbus

Chris PeBenito requested to merge pebenito/dbus:update-selinux-auditing into master Sep 14, 2020

The SELinux log callback includes a message type. Not all messages are auditable and those that are have varying audit types. An audit message is a security-relevant event: security state changes, MAC permission denied, etc. A message that is auditable is not necessarily sensitive. Messages that are not auditable are not security-relevant, like messages about socket polling errors. Update the auditing accordingly.

If the message is not auditable, fall through and write it to syslog.

Signed-off-by: Chris PeBenito chpebeni@linux.microsoft.com

Edited Sep 22, 2020 by Chris PeBenito

bus/selinux: Fix audit message types.

Merge request reports