>>SELinux Mailing List

Contents

Overview

What's New

Frequently Asked Questions

Background

Documentation

License

Download

Participating

Mail List

Archive Summary

Archive by Thread

Archive by Author

Archive by Date

Archive by Subject

Remaining Work

Contributors

Related Work

Press Releases

RE: Security policy analysis

From: Frank Mayer <mayerf_at_tresys.com>
Date: Wed, 10 Oct 2001 16:11:32 -0400

> So perhaps checkpolicy needs to be revised to generate an intermediate set
> of data structures that are more suitable for policy analysis tools prior
> to generating the final set of data structures for the kernel security
> server?

I think what Steve says is all reasonable and like I mentioned before, it wouldn't be hard to put what we have into checkpolicy even with two different policy DBs. Like I said, we really didn't set out to build a tool, but to analyze policies and so what we have can be viewed as a rapid prototype that we will likely continue to add to.

Frank

--
You have received this message because you are subscribed to the selinux list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

Received on Wed 10 Oct 2001 - 16:25:55 EDT

This message: [ Message body ]
Next message: Frank Mayer: "RE: Security policy analysis"
Previous message: Frank Mayer: "RE: Security policy analysis"
In reply to: Stephen Smalley: "RE: Security policy analysis"
Next in thread: Stephen Smalley: "Re: Security policy analysis"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

This archive was generated by hypermail 2.2.0 on Wed 11 Jun 2008 - 08:10:26 EDT