Various updates.

This commit is contained in:
Karl MacMillan 2005-06-15 01:14:09 +00:00
parent 5e0da6a03e
commit 9f945bcc2d
6 changed files with 99 additions and 45 deletions

View File

@ -0,0 +1 @@
<h1>Documentation</h1>

View File

@ -1,46 +1,44 @@
<h1>Project Overview</h1>
<p>
The SELinux Reference Policy project (refpolicy) is creating a complete SELinux policy as an alternative to the existing strict and targeted policies. What will set refpolicy apart?
The SELinux Reference Policy project (refpolicy) is creating a complete SELinux policy as an alternative to the existing strict and targeted policies available from <a href="http://selinux.sf.net>selinux.sf.net</a>. What will set refpolicy apart?
</p>
<ul>
<li>Security: refpolicy has a mandate to develop security goals that are clear and rigoursly applied</li>
<li>Security: refpolicy has a mandate to develop security goals that are clear and rigoursly applied</li>
<li>Usability: refpolicy will be easier to understand and use.</li>
<li>Documentation: refpolicy has a structure that makes it possible to create in-depth documentation.
<li>Flexibility: refpolicy will support source, loadable, and MLS modules with simple configuration.</li>
<li>Documentation: refpolicy has a structure that makes it possible to create in-depth documentation.
<li>Flexibility: refpolicy will support source, loadable, and MLS modules with simple configuration.</li>
</ul>
Refpolicy is under active development, with support and full time development staff at <a href="http://www.tresys.com">Tresys Technology</a>. We are looking for policy developers interested in <a href="contributing.html">contributing</a>.
<p>
Refpolicy is under active development, with support and full time development staff from <a href="http://www.tresys.com">Tresys Technology</a>. We are looking for policy developers interested in <a href="contributing.html">contributing</a>.
</p>
<h2>Background</h2>
<P>
The purpose of this document is to serve as a blueprint to policy developers
and serves as the initial means for communicating the motivations, approach and
goals of the <i>SELinux Reference Policy</i> development project. This document
is intended for SELinux policy developers and other members of the SELinux
development community interested in building a secure foundation upon which to
build high-assurance solutions using SELinux. The reference policy will provide
a carefully designed and consistent system security policy that can be used as
a basis for developing secure solutions using SELinux.
</p>
<h2>Roadmap</h2>
<h3>Background and Motivation</h3>
<P>
One of the key motivations for this project is the drive to get SELinux
mainstreamed into commercial products. True, SELinux is currently being
incorporated into various commercial distributions, but clearly, widespread
adoption of SELinux as a commercial product eventually will require the
operating system to be certified. Efforts are already underway by IBM for
SELinux to undergo a Common Criteria evaluation under the Labeled Security
Protection Profile (LSPP). Furthermore, SELinux needs a more robust policy
structure upon which to build high-assurance solutions, such as intrusion
detection systems (IDS), cross-domain solutions, etc., particularly for
government and DoD security-critical missions.
</p>
<table border="1" cellspacing="0" cellpadding="3">
<tr>
<th class="title" colspan="3">Reference Policy Roadmap</th>
</tr>
<P>
Unfortunately, the current "strict" policy for SELinux does not meet the
requirements of high security systems. The policy chooses functionality over
security, with the implicit goal of not breaking legacy application behavior.
Additionally, it has no clear security goals and those that exist are not
rigorously followed or are ignored to preserve functionality. Furthermore,
complexity is increasing in the policy and the situation is not improving.
</p>
<tr>
<td class="header">Version</td><td class="header">Date</td><td class="header">Description</td>
</tr>
<tr>
<td>0.1</td><td>June 14, 2005</td><td>Initial public release, basic policy restructuring, minimal modules</td>
</tr>
<tr>
<td>0.2</td><td>July 2005</td><td>Restructuring complete, additional modules, improved infrastructure, and incorporated community feedback</td>
</tr>
<tr>
<td>0.3</td><td>August 2005</td><td>Additional modules, basic role infrastructure, and tested loadable module support</td>
</tr>
<tr>
<td>0.4</td><td>September 2005</td><td>Additional modules and complete role infrastructure and role separation</td>
</tr>
<tr>
<td>0.5</td><td>October 2005</td><td>Additional modules, targeted policy, and tested MLS support</td>
</tr>
<tr>
<td>0.6</td><td>December 2005</td><td>Additional modules and module variations</td>
</tr>

View File

@ -1,7 +1,7 @@
<a href="index.php">Home</a><br />
<a href="documentation.html">Documentation</a> - <br />
<a href="status.html">Status</a> - <br />
<a href="contributing.html">Contributing</a> - <br />
<a href="index.php">Reference Policy</a><br />
<a href="index.php?page=documentation">Documentation</a> - <br />
<a href="index.php?page=status">Status</a> - <br />
<a href="index.php?page=contributing">Contributing</a> - <br />
<a href="http://sourceforge.net/project/showfiles.php?group_id=???">Download</a> - <br />
<a href="http://sourceforge.net"><IMG src="http://sourceforge.net/sflogo.php?group_id=???&amp;type=1" w
idth="88" height="31" border="0" alt="SourceForge.net Logo" /></A>

View File

@ -0,0 +1,5 @@
<h1>Status</h1>
<h2>Version .1</h2>
<p>
Version .1 of refpolicy was released on June 14, 2005. See <a href="index.php?page=download">download</a> for download information. This release focused on infrastructure, organization, and initial design rather than comprehensive policy coverage or security improvements.
</p>

View File

@ -9,7 +9,7 @@
require_once (SMARTY_DIR."Smarty.class.php");
$smarty = new Smarty;
$smarty->compile_dir = "/home/groups/s/se/sepolicy-server/t_c";
$smarty->compile_dir = "/home/groups/s/se/serefpolicy/t_c";
$smarty->template_dir = "$fixpath/html";
$smarty->assign("border", "0");

View File

@ -13,19 +13,50 @@ h1 {
font-weight:900;
color:#ccc;
}
h2 {
font-size:100%;
}
h3 {
font-size:75%;
}
h4 {
font-size:67%;
}
li {
font:11px/20px verdana, arial, helvetica, sans-serif;
margin:0px 0px 0px 0px;
padding:0px;
}
p {
/* normal */
font:11px/20px verdana, arial, helvetica, sans-serif;
margin:0px 0px 16px 0px;
padding:0px;
}
tt {
/* inline code */
font-family: monospace;
}
table {
background-color: white;
color: black;
text-align: left;
font:11px/20px verdana, arial, helvetica, sans-serif;
margin-left: 10%;
margin-right: 10%;
}
th {
background-color: #ccccff;
text-align: center;
}
td.header {
font-weight: bold;
}
#Content>p {margin:0px;}
#Content>p+p {text-indent:30px;}
a {
@ -57,6 +88,25 @@ pre {
text-decoration:none;
font-family:courier;
}
pre.codeblock {
/* code block (bordered, slight gray background) */
border-style:solid;
border-color:black;
border-width:1px 1px 1px 1px;
background-color:#f8f8f8;
margin-left: 10%;
margin-right: 10%;
}
dl {
/* definition text block */
font:11px/20px verdana, arial, helvetica, sans-serif;
margin:0px 0px 16px 0px;
padding:0px;
}
dt {
/* definition term */
font-weight: bold;
}
#Header {
margin:50px 0px 10px 0px;
@ -83,7 +133,7 @@ body>#Header {height:14px;}
position:absolute;
top:100px;
left:20px;
width:152px;
width:162px;
padding:10px;
background-color:#eee;
border:1px dashed #999;
@ -91,6 +141,6 @@ body>#Header {height:14px;}
text-align:right;
voice-family: "\"}\"";
voice-family:inherit;
width:150px;
width:160px;
}
body>#Menu {width:150px;}
body>#Menu {width:160px;}