ANN: SELinux Policy Editor 1.0

Yuichi Nakamura ynakam at
Tue Jul 26 14:36:03 UTC 2005

We are glad to announce that SELinux Policy Editor 1.0 has been released.
In this release, 
our policy called "Simplified policy" can be used without GUI.
To try, visit .                  
Install manual, how to and specification documentations are ready.

SELinux Policy Editor and Simplified policy works on Fedora Core4 and 3.
Our tool does not affect existing SELinux, you can go back to default 
SELinux easily. Feel free to try.

If you have question, suggestion or something email to 
seedit-admin at

* About SELinux Policy Editor
SELinux Policy Editor is a tool to edit and view SELinux policy, 
originally developed by Hitachi Softwarek, not developed in 
SELinux Policy Editor Project(

 The tool is composed of simplified policy and GUI. 
Simplified policy hides detail of SELinux configuration, 
and GUI makes configuration much easier.
It is not just a GUI tool, the important component is simplified policy. 
You can also configure simplified policy without GUI.
Following is example of simplified policy for Apache.
domain httpd_t;
domain_trans initrc_t /usr/sbin/httpd;
allow /var/www r,s;
allownet -tcp -port 80;
As you see, type is not used. You can use file name, port number in 
For detail about simplified policy, see

- Review the security of simplified policy
- Extend syntax of simplified policy for detailed configuration
- Auto generation of simplified policy
- Write more policy by simplified policy 
- Test on other distributions

Yuichi Nakamura
Hitachi Software, The George Washington University
Japan SELinux Users Group(JSELUG)
Japan Open Source Advocacy Organization(JOSAO)
SELinux Policy Editor:

More information about the fedora-selinux-list mailing list