New release of the LSM-based SELinux prototype

    Date27 Sep 2001
    CategorySELinux
    11848
    Posted ByAnthony Pell
    The SELinux web site including the mail list archive has been updated. The site includes a new release of the LSM-based SELinux prototype. This release contains many bug fixes and improvements to both LSM and SELinux and is based on the . . . The SELinux web site including the mail list archive has been updated. The site includes a new release of the LSM-based SELinux prototype. This release contains many bug fixes and improvements to both LSM and SELinux and is based on the lsm-2001_09_23 patch against kernel 2.4.10. The release includes new and reworked hooks to control additional operations.

    The policy now includes hwclock_t and ping_t domains for hwclock and ping (from David Wheeler,) an ipsec_t domain for the FreeSWAN IKE daemon and programs (from Mark Westerman,) and an httpd_t domain for Apache (from MITRE.) None of these has been extensively tested by the NSA SELinux team, and they may require some additional work. Note that we have not yet included any FreeSWAN or Apache components in the material distributed with SELinux.

    We have chosen not to release patches to our previous patches. You will need a complete set of patches or the complete (already patched) source code. We believe that the patches to patches were not being utilized enough to justify the work to create them. If you would rather apply updates as patches to our previous patches, please notify me directly at the address below so we can gauge the interest.

    --
    Howard Holm
    Secure Systems Research Office
    National Security Agency

    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    Do you read our distribution advisories on a regular basis?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /component/communitypolls/?task=poll.vote&format=json
    23
    radio
    [{"id":"84","title":"Yes, for a single distribution","votes":"0","type":"x","order":"1","pct":0,"resources":[]},{"id":"85","title":"Yes, for multiple distributions","votes":"4","type":"x","order":"2","pct":66.67,"resources":[]},{"id":"86","title":"No","votes":"2","type":"x","order":"3","pct":33.33,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.