* which tool i should use for policy generation
@ 2007-07-12 3:17 Ken YANG
2007-07-12 12:09 ` Stephen Smalley
0 siblings, 1 reply; 2+ messages in thread
From: Ken YANG @ 2007-07-12 3:17 UTC (permalink / raw)
To: SELinux List
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #1: Type: text/plain; charset=GB18030, Size: 634 bytes --]
i find three papers about policy generation tools:
<<Guided Policy Generation for Application Authors>>
<<Madison: A New Approach to Policy Generation>>
<<Madison ¨C A New Approach to Policy Generation>>
it seems the last one is the last, so is that mean we
should use sepolgen rather than madison.
BTW, i notice the madison is not in fedora rawhide
repository, is this another reason we should use
sepolgen?
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: which tool i should use for policy generation
2007-07-12 3:17 which tool i should use for policy generation Ken YANG
@ 2007-07-12 12:09 ` Stephen Smalley
0 siblings, 0 replies; 2+ messages in thread
From: Stephen Smalley @ 2007-07-12 12:09 UTC (permalink / raw)
To: Ken YANG; +Cc: SELinux List
On Thu, 2007-07-12 at 11:17 +0800, Ken YANG wrote:
>
> i find three papers about policy generation tools:
>
> <<Guided Policy Generation for Application Authors>>
> <<Madison: A New Approach to Policy Generation>>
> <<Madison – A New Approach to Policy Generation>>
>
>
> it seems the last one is the last, so is that mean we
> should use sepolgen rather than madison.
>
> BTW, i notice the madison is not in fedora rawhide
> repository, is this another reason we should use
> sepolgen?
Madison was the original name for sepolgen, but it was renamed to
sepolgen to make the name meaningful and generic to its purpose. In the
SELinux trunk (2.x series) and Fedora >= 7, audit2allow has been
rewritten to use sepolgen for its internals.
MITRE Polgen is a separate tool from Madison/sepolgen, but its pieces of
distinctive functionality is likely to be folded into other tools.
SLIDE is a tool for policy authoring that includes support for remote
debugging of policy on a separate VM or remote host.
--
Stephen Smalley
National Security Agency
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2007-07-12 12:09 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2007-07-12 3:17 which tool i should use for policy generation Ken YANG
2007-07-12 12:09 ` Stephen Smalley
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.