rpms/selinux-policy
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Updates.

Browse Source
This commit is contained in:
Karl MacMillan 2005-06-15 18:28:01 +00:00
parent 2d0e7a38a7
commit 1c50089e5e
5 changed files with 30 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
www/html/documentation.html
View File

@ -1 +1,2 @@
<h1>Documentation</h1>
<h1>Documentation</h1>
<p>Documentation is one of the primary goals of refpolicy. The current release has some documentation available in the form of a <a href="index.php?page=getting-started">getting started</a> guide. There is also <a href="api-docs/index.html">interface documentation</a> generated from the policy source.</p>

34
www/html/index.html
View File

@ -1,15 +1,15 @@
<h1>Project Overview</h1>
<p>
The SELinux Reference Policy project (refpolicy) is creating a complete SELinux policy as an alternative to the existing strict and targeted policies available from <a href="http://selinux.sf.net">http://selinux.sf.net</a>. Once complete this policy will be able to be used as the system policy for a variety of systems and used as the basis for creating other policies. Refpolicy is based on the current strict and targeted policies, but aims to accomplish many additional <a href="index.php?page=goals">goals</a>.
The SELinux Reference Policy project (refpolicy) is creating a complete SELinux policy as an alternative to the existing strict and targeted policies available from <a href="http://selinux.sf.net">http://selinux.sf.net</a>. Once complete this policy will be able to be used as the system policy for a variety of systems and used as the basis for creating other policies. Refpolicy is based on the current strict and targeted policies, but aims to accomplish many additional goals.
</p>
<br/>
<p>
Refpolicy is under active development, with support and full time development staff from <a href="http://www.tresys.com">Tresys Technology</a>. The first release is available from the <a href="index.php?page=download">download</a> page. This release is far from complete and is not usable as a drop in replacement for the existing policies. It is for interested policy developers and community members to examine and comment upon. The <a href="index.php?page=status">status</a> page has more details on what is included in the current release. This project is just getting started and we are looking for policy developers interested in <a href="contributing.html">contributing</a>.
</p>
<br>
<h1>Project Goals</h1>
<h2>Security</h2>
<p>Security is the reason for existence for SELinux policies and must, therefore, always be the first priority. The security of operating systems and applications is often presented as a binary state: software is either secure or not secure. In reality, that view of security is inadequate. What is a fundamental security flaw on one system might be the acceptable, or even the primary functionality, of another. The challenge for a system policies like the current strict or targeted policy and refpolicy is to support all of these differring security goals. To accomplish this refpolicy will provide:
<p>Security is the reason for existence for SELinux policies and must, therefore, always be the first priority. The common view of security as a binary state (secure or not secure) is not a sufficient goal for developing an SELinux policy. In reality, different systems have different requirements and purposes and corresponding differences in the meaning of secure. What is a fundamental security flaw on one system might be the acceptable, or even the primary functionality, of another. The challenge for a system policies like the current strict and targeted policy or refpolicy is to support as many of these differring security goals as is practical. To accomplish this refpolicy will provide:
</p>
<ul>
@ -21,13 +21,15 @@ Refpolicy is under active development, with support and full time development st
</ul>
<h2>Usability and Documentation</h2>
<ul>
<li>Security: refpolicy has a mandate to develop security goals that are clear and rigoursly applied</li>
<li>Usability: refpolicy will be easier to understand and use.</li>
<li>Documentation: refpolicy has a structure that makes it possible to create in-depth documentation.
<li>Flexibility: refpolicy will support source, loadable, and MLS modules with simple configuration.</li>
</ul>
<p>
The difficulty and complexity of creating SELinux policies has become the number one barrier to the adoption of SELinux. It also potentially reduces the security of the policies: a policy that is too complex to easily understand is difficult to make secure. Refpolicy aims to make aggressive improvements in this area, making policies easier to develop, understand, and analyze. This will be addressed through improved structuring and organization, the addition of modularity and abstraction, and documentation. See <a href="index.php?page=getting-started">getting started</a> and <a href="index.php?page=documentation">documentation</a> for more information.
</p>
<h2>Flexibility and Configuration</h2>
<p>
Refpolicy aims to support a variety of policy configurations and formats, including standard source policies, MLS policies, and
<A href="http://sepolicy-server.sourceforge.net/index.php?page=modules">loadable policy modules</A> all from the same source tree. This is done through the addition of infrastructure for automatically handling the differences between source and loadable module based policies and the additional MLS fields to all policy statements that include contexts.
</p>
<br>
<h1>Roadmap</h1>
<table border="1" cellspacing="0" cellpadding="3">
@ -40,21 +42,21 @@ Refpolicy is under active development, with support and full time development st
</tr>
<tr>
<td>0.1</td><td>June 14, 2005</td><td>Initial public release, basic policy restructuring, minimal modules</td>
<td>0.1</td><td>June 2005</td><td>Initial public release, basic policy restructuring, some infrastructure, few modules, and minimal documentation.</td>
</tr>
<tr>
<td>0.2</td><td>July 2005</td><td>Restructuring complete, additional modules, improved infrastructure, and incorporated community feedback</td>
<td>0.2</td><td>July 2005</td><td>Restructuring complete, additional modules, and improved infrastructure.</td>
</tr>
<tr>
<td>0.3</td><td>August 2005</td><td>Additional modules, basic role infrastructure, and tested loadable module support</td>
<td>0.3</td><td>August 2005</td><td>Additional modules, documentation, basic role infrastructure, and tested loadable module support.</td>
</tr>
<tr>
<td>0.4</td><td>September 2005</td><td>Additional modules and complete role infrastructure and role separation</td>
<td>0.4</td><td>September 2005</td><td>Additional modules, documentation, and complete role infrastructure including true role separation.</td>
</tr>
<tr>
<td>0.5</td><td>October 2005</td><td>Additional modules, targeted policy, and tested MLS support</td>
<td>0.5</td><td>October 2005</td><td>Additional modules, documentation, targeted policy, and tested MLS support</td>
</tr>
<tr>
<td>0.6</td><td>December 2005</td><td>Additional modules and module variations</td>
<td>0.6</td><td>December 2005</td><td>Additional modules, documentation, and module variations</td>
</tr>

4
www/html/menu.html
View File

@ -1,7 +1,7 @@
<a href="index.php">Reference Policy Home</a><br />
<a href="index.php?page=documentation">Documentation</a><br/>
- <a href="index.php?page=goals">Goals and Roadmap</a><br/>
- <a href="index.php?page=goals">Getting started</a><br/>
- <a href="index.php?page=getting-started">Getting Started</a><br/>
- <a href="api-docs/">Interface Reference</a><br/>
<a href="index.php?page=status">Status</a><br />
<a href="index.php?page=contributing">Contributing</a><br />
<a href="index.php?page=download">Download</a><br />

11
www/html/status.html
View File

@ -12,11 +12,14 @@
is targeted towards developers, to show the direction of the policy's
development, and to solicit feedback and assistance.
</p>
<table border>
<br>
<table border="1" cellspacing="0" cellpadding="3">
<tr>
<td><b>Component</b></td>
<td><b>Status</b></td>
<td><b>Description</b></td>
<th class="title" colspan="3">Reference Policy Status</th>
</tr>
<tr>
<td class="header">Task/Component</td><td class="header">Status</td><td class="header">Description</td>
</tr>
<tr>
<td>Policy Structure</td>

1
www/style.css
View File

@ -26,6 +26,7 @@ li {
font:11px/20px verdana, arial, helvetica, sans-serif;
margin:0px 0px 0px 0px;
padding:0px;
list-style-type:circle;
}
p {
/* normal */