James Morris (james_morris) wrote,
James Morris
james_morris

SELinux Policy Wizard

Dan Walsh has published an article on his SELinux policy generation wizard at Red Hat Magazine.

SELinux policy wizard GUI


The article is a great introduction to the modern SELinux policy development environment, while the tool itself demonstrates how high-level abstractions are the key to SELinux usability.

In this case, the sysadmin is provided with a set of questions about the application to be confined, and makes selections based upon patterns which are commonly encountered in similar applications. Some further questions are asked, such as which ports the application might use, and then a loadable policy module is generated.

If you want to try the tool for yourself, you'll find it in current RHEL 5 and Fedora 7, runnable via system-config-selinux .
Subscribe

  • Post a new comment

    Error

    default userpic

    Your reply will be screened

    Your IP address will be recorded 

    When you submit the form an invisible reCAPTCHA check will be performed.
    You must follow the Privacy Policy and Google Terms of use.
  • 0 comments