Re: [PATCH 2nd revision] Add SELinux context support to AUDIT target
This is not any more leak than leaking the context string to user
space as this patch
attempts to do. The rest of the audit code does log the numeric representation when
text fails.
There is no "leak" when the secctx is recorded in the audit log - it
is
supposed to be there, if present (and retrievable). As for exposing the
(internal) numerical representation of the secctx - this was discussed
previously and the approach you are suggesting was dropped. To quote
Eric on this very issue "[It] exports the internal secid to userspace.
These are dynamic, can change on lsm changes, and have no meaning in
userspace. We should instead be sending lsm contexts to userspace instead.".