From Fedora Project Wiki
(outdated links; lack of in-depth info)
 
(One intermediate revision by one other user not shown)
Line 33: Line 33:
|SELinux reference policy || http://serefpolicy.sourceforge.net/ || The new framework for an all-in-one modular policy
|SELinux reference policy || http://serefpolicy.sourceforge.net/ || The new framework for an all-in-one modular policy
|-
|-
|Reference policy RPMs || ftp://people.redhat.com/dwalsh/SELinux/fedora/ || Dan Walsh's YUM repository for SELinux reference policy RPM packages; these usually get propagated to Rawhide after couple of hours
|Reference policy RPMs || ftp://people.redhat.com/dwalsh/SELinux/fedora/ || Dan Walsh's [[dnf|DNF]]|YUM repository for SELinux reference policy RPM packages; these usually get propagated to Rawhide after couple of hours
|-
|-
|SELinux for Distributions || http://selinux.sourceforge.net/ || General development and NSA CVS archive
|SELinux for Distributions || http://selinux.sourceforge.net/ || General development and NSA CVS archive
|-
|-
|LSPP kernel ||  http://people.redhat.com/sgrubb/files/lspp/ || Bleeding edge LSPP development kernel YUM repository
|LSPP kernel ||  http://people.redhat.com/sgrubb/files/lspp/ || Bleeding edge LSPP development kernel [[dnf|DNF]]|YUM repository
|-
|-
|audit || ftp://ftp.uk.linux.org/pub/people/dwmw2/audit/ || David Woodhouse's audit packages, note the kernels here are for CAPP systems not LSPP
|audit || ftp://ftp.uk.linux.org/pub/people/dwmw2/audit/ || David Woodhouse's audit packages, note the kernels here are for CAPP systems not LSPP
Line 54: Line 54:


* [http://www.commoncriteriaportal.org/public/consumer/index.php?menu=5 Common Criteria Protection Profiles]
* [http://www.commoncriteriaportal.org/public/consumer/index.php?menu=5 Common Criteria Protection Profiles]
[[Category:SELinux]]

Latest revision as of 08:28, 8 October 2015

Outdated.png
This wiki page is outdated
Please update this wiki page to reflect recent events or newly available information.

Multi Level Security / LSPP Overview

The MLS functionality in SE Linux is being developed as part of the Common Criteria LSPP certification work. The LSPP work aims to get LSPP , RBAC , and CAPP certification at EAL 4+

This link from James Morris blog has a lot of background information on the LSPP work.

Chris Runge Paper: The Path to Multi-Level Security in Red Hat Enterprise Linux

Mailing lists

Name Information and archive Comments
selinux http://www.nsa.gov/selinux/info/list.cfm?MenuID=41.1.1.9 / http://marc.theaimsgroup.com/?l=selinux&r=1&w=2 General SELinux development discussions
linux-audit https://www.redhat.com/mailman/listinfo/linux-audit Auditing specific issues
redhat-lspp https://www.redhat.com/mailman/listinfo/redhat-lspp LSPP on RedHat development
fedora-selinux https://www.redhat.com/mailman/listinfo/fedora-selinux-list Fedora specific SELinux issues


Projects and Repositories

Name Information and archive Comments
SELinux reference policy http://serefpolicy.sourceforge.net/ The new framework for an all-in-one modular policy
Reference policy RPMs ftp://people.redhat.com/dwalsh/SELinux/fedora/ Dan Walsh's DNF|YUM repository for SELinux reference policy RPM packages; these usually get propagated to Rawhide after couple of hours
SELinux for Distributions http://selinux.sourceforge.net/ General development and NSA CVS archive
LSPP kernel http://people.redhat.com/sgrubb/files/lspp/ Bleeding edge LSPP development kernel DNF|YUM repository
audit ftp://ftp.uk.linux.org/pub/people/dwmw2/audit/ David Woodhouse's audit packages, note the kernels here are for CAPP systems not LSPP
devallocator http://sourceforge.net/projects/devallocator/ TCS Device Allocation

Links

  • MCS Policy - MCS is based on the same kernel features so much of the MLS development work applies to it. Also as MCS will be vastly more popular than MLS it's expected that many applications will get support for MCS which can then be used for MLS at a later time.