[ANN] SETools 3.3 Release
Christopher J. PeBenito
cpebenito at tresys.com
Fri Aug 3 12:26:27 UTC 2007
A new release of SETools is now available on the Tresys OSS site, from
http://oss.tresys.com. The primary changes this release are performance
enhancements, especially for source policies, the ability to select
which AV rules are compared (allow and dontaudit only, for example) in
sediff and sediffx, and a rewrite of libsefs with C++. The complete
change log for this release follows.
SETools 3.3:
SETools:
* SETools now has an external dependency upon libsqlite3 >= 3.2. The
supplied configure script will enforce this dependency.
* pkg-config scripts are installed with the SETools libraries.
libsefs:
* Rewrite of library to have proper namespaces and much more usable
object-oriented design.
* SWIG wrappers generated for this library if the appropriate
configure flags are set.
findcon, searchcon:
* Merge searchcon's functionality into findcon. The searchcon tool
has been removed from SETools.
indexcon, replcon:
* Updated to use new libsefs design.
apol:
* Updated to use new libsefs design.
* Modified to use the SWIG Tcl interface rather than a custom C
library. apol is now a combination of a Tcl script (simply called
'apol') and associated packages that are required at runtime.
* Neverallow rules are only loaded and expanded when the user
performs a search for them. This will dramatically speed up
initial policy load time.
awish:
* awish is no longer needed and thus has been removed from SETools.
sediff, sediffx:
* Instead of differentiating "AV rules" or "TE rules", user now
specifies which particular rule to compare (allow, dontaudit,
type_transition, etc.).
* Neverallow rules are only loaded and expanded when the user
performs a diff upon them. This will dramatically speed up
initial policy load time.
--
Chris PeBenito
Tresys Technology, LLC
(410) 290-1411 x150
More information about the fedora-selinux-list
mailing list