[ANN] Madison policy generation tools
Karl MacMillan
kmacmill at redhat.com
Wed Dec 20 17:11:40 UTC 2006
The first public release of the Madison SELinux policy generation tools
can be found at http://et.redhat.com/madison/. Madison is a new project
to create command line and GUI policy generation tools that:
* Create more readable and secure policy by leveraging the reference
policy development environment.
* Provide administrators with guidance and information to help them
make good security decisions.
This release focuses on the creation of a foundation library (in
python). It only includes a single tool - audit2policy - that is a drop
in replacement for audit2allow with better reference policy interface
call generation (using the undocumented -R audit2allow flag).
Contributions are very welcome. I'm looking for help with:
* Testing (particularly interface call generation and module
generation)
* Documenation
* Unit test creation
* Code / tool development
See the website for more details on contributing.
To the authors of other policy generation tools: I would like to avoid
duplication of effort where possible. The current release focuses on
areas that other tools have not explored thoroughly. Moving forward I
would to discuss how we can best work together.
Please send any feedback to the selinux development list.
Thanks - Karl
More information about the fedora-selinux-list
mailing list