ANN: SELinux Policy Editor 1.0
ynakam at gwu.edu
Tue Jul 26 14:36:03 UTC 2005
We are glad to announce that SELinux Policy Editor 1.0 has been released.
In this release,
our policy called "Simplified policy" can be used without GUI.
To try, visit http://seedit.sourceforge.net/ .
Install manual, how to and specification documentations are ready.
SELinux Policy Editor and Simplified policy works on Fedora Core4 and 3.
Our tool does not affect existing SELinux, you can go back to default
SELinux easily. Feel free to try.
If you have question, suggestion or something email to
seedit-admin at lists.sourceforge.net.
* About SELinux Policy Editor
SELinux Policy Editor is a tool to edit and view SELinux policy,
originally developed by Hitachi Softwarek, not developed in
SELinux Policy Editor Project(seedit.sourceforge.net).
The tool is composed of simplified policy and GUI.
Simplified policy hides detail of SELinux configuration,
and GUI makes configuration much easier.
It is not just a GUI tool, the important component is simplified policy.
You can also configure simplified policy without GUI.
Following is example of simplified policy for Apache.
domain_trans initrc_t /usr/sbin/httpd;
allow /var/www r,s;
allownet -tcp -port 80;
As you see, type is not used. You can use file name, port number in
For detail about simplified policy, see
- Review the security of simplified policy
- Extend syntax of simplified policy for detailed configuration
- Auto generation of simplified policy
- Write more policy by simplified policy
- Test on other distributions
Hitachi Software, The George Washington University
Japan SELinux Users Group(JSELUG)
Japan Open Source Advocacy Organization(JOSAO)
SELinux Policy Editor: http://seedit.sourceforge.net/
More information about the fedora-selinux-list