What's New with SELinux - NSA/CSS

Skip All Menus Skip Top Menu

Top Navigation Menus

Skip Research Menus

Research Menu

Skip Search Box

What's New with SELinux

This page describes in general terms the updates that have been made to the SELinux web pages since the first release of SELinux in December 2000.

2008	5 Mar \| 11 Jun \| 15 Sep
2007	23 Jan \| 22 Mar \| 25 Sep
2006	15 Mar \| 18 Oct
2005	7 Jan \| 9 Mar \| 22 Jun \| 7 Sep \| 7 Dec
2004	23 Feb \| 12 Mar \| 8 Apr \| 13 May \| 29 Jun \| 19 Aug \| 2 Nov
2003	15 Jan \| 7 Apr \| 11 Jul \| 13 Aug \| 1 Oct \| 5 Dec
2002	18 Jan \| 14 Mar \| 2 May \| 31 May \| 3 July \| 23 Aug \| 22 Oct \| 12 Dec
2001	2 Jan \| 16 Mar \| 12 Apr \| 23 Aug \| 26 Sep \| 16 Oct \| 19 Nov \| 10 Dec
2000	22 Dec

15 September 2008

The SELinux web site was updated today. Source code for the core SELinux userland has migrated to the SELinux userspace project and is no longer available from this site.

11 June 2008

An updated public release of SELinux was made available today. Some highlights of this release are listed below:

New support for permissive domains in libsepol and checkpolicy.
New support for user and role remapping in libsepol (required for use in optionals).
Fixed endianness bug in handling network node addresses in libsepol.
Fixed semanage port to use --proto.
Updated audit2allow to report dontaudit cases.
Revised the policy load logic in libselinux to try loading the maximum supported version of the kernel or libsepol.
Fixed matchpathcon -V support and changed it to report success/failure via exit status.
Fixed memory leaks in matchpathcon in libselinux.

5 March 2008

An updated public release of SELinux was made available today. Some highlights of this release are listed below:

Added a Related Work page.
New support for policy capabilities in libsepol and checkpolicy.
Deprecated role dominance in checkpolicy.
New support for X label namespaces in libselinux.
New avc_compute_member interface in libselinux.
New avc_open interface in libselinux.
New selinux_get_callback interface in libselinux.
New support for per-object-manager enforcing mode in libselinux.
New audit2why python bindings in libselinux.
Updated audit2allow to use audit2why python bindings.
Updated sepolgen to generate role type declarations.
Fixed genhomedircon support in libsemanage.
Reduced memory usage by libsemanage and libsepol.
New support for initial policy load in load_policy.
Improved error reporting for load policy.
Improved error reporting for neverallow failures.
New support for non-interactive use in newrole.
Optimized matchpathcon by deferring regex compilation.
New support for setting handle-unknown via semanage.conf.

25 September 2007

An updated public release of SELinux was made available today. Some highlights of this release are listed below:

Support for object class and permission discovery and mapping in libselinux.
New interfaces for label matching (selabel) in libselinux, obsoletes matchpathcon.
Support for the handle_unknown policy flag in libsepol and checkpolicy.
Support for disabling all dontaudit rules via semodule -DB.
Support per-command pam configurations for newrole.
Expand sepolgen to parse all refpolicy modules, interface calls with lists, role and range transitions.
Coalesced setfiles and restorecon into a single program.
Improved error reporting for libsemanage and semodule.
Rewrite of setfiles to use new selabel interfaces.
Eliminated unaligned accesses from libsepol policy reading code.
Rewrite of genhomedircon script as part of libsemanage.
Build options for embedded systems for libselinux.
Refactored swig bindings for libselinux.

22 March 2007

An updated public release of SELinux was made available today. Some highlights of this release are listed below:

Added a release generated from the new development series. This release introduces the new sepolgen python module for policy generation and a rewrite of audit2allow to use it.
Provided an updated release of the stable branch with several bug fixes and cleanups.
Added several papers and presentations from the 2007 SELinux Symposium.

23 January 2007

An updated public release of SELinux was made available today. Some highlights of this release are listed below:

Merged semodule support for specifying lists of modules.
Merged libsemanage support for reducing disk usage by the policy store.
Merged newrole rewrite for namespace support.
Merged newrole securetty context checking for level changes.
Merged translation support for semanage.
Changed checkpolicy to accept identifiers with hyphens.
Merged setsebool bug fix for unmanaged systems.
Merged newrole bug fixes for child exit status and descriptors.
Merged libsepol bug fix for writing old range transition rules.
Merged libsepol bug fix for adding a user in a non-MLS module.
Merged build change to use -fPIC rather than -fpic.

18 October 2006

An updated public release of SELinux was made available today. Some highlights of this release are listed below:

Fixed optionals in base support (libsepol, checkpolicy).
Merged extended range transition support (libsepol, checkpolicy).
Merged setrans client support (libselinux).
Merged keycreate and sockcreate interfaces (libselinux).
Merged file context sorting code from refpolicy (libsemanage).
Merged netfilter contexts support (libsepol, libsemanage, policycoreutils).
Merged separate file_contexts.local support (libsemanage, policycoreutils).
Merged secon utility (policycoreutils).
Merged restorecond daemon (policycoreutils).
Merged semodule_deps utility (policycoreutils).

15 March 2006

An updated public release of SELinux was made available today. Some highlights of this release are listed below:

Updated base kernel for the 2.6-based SELinux to 2.6.16-rc6.
Fixed SELinux ptrace bug (CVE-2006-1052).
Fixed inode security structure memory leak.
Merged several selinuxfs fixes and cleanups.
Added AUDIT and SECURITY_NETWORK as dependencies for SELinux.
Merged IPSEC hooks for implicit packet labeling.
Merged XFS support for inode security labeling.
Merged audit functionality for newrole and semanage.
Merged support for manipulation of active booleans, ports, nodes, and file contexts into libsepol/libsemanage/semanage.
Merged support for including seusers and users_extra in policy packages into libsepol/libsemanage/policycoreutils.
Merged support for optionals in base policy module.
Fixed role dominance support in checkpolicy.
Merged optimizations for libselinux, libsepol, libsemanage, setfiles and restorecon.
Moved example policy to the historical versions page.
Updated the Implementing SELinux as a Linux Security Module technical report.

7 December 2005

An updated public release of SELinux was made available today. Some highlights of this release are listed below:

Updated base kernel for the 2.6-based SELinux to 2.6.14.
Merged support for returning the canonical incore security context for all filesystem types.
Extended selinuxfs context interface to allow returning the canonical form of the context to userspace and updated matchpathcon and setfiles to use this support when present to avoid context aliasing problems.
Merged seusers support for mapping Linux users to SELinux users and ranges without requiring policy modifications.
Merged major enhancements to libsemanage, libsepol, and policycoreutils for the policy management infrastructure.
Merged many enhancements and bug fixes to libsepol, checkpolicy, and policycoreutils for the policy module support.
Merged man pages for module utilities.
Centralized and enhanced the policy loading logic.
Merged many policy patches.

7 September 2005

An updated public release of SELinux was made available today. Some highlights of this release are listed below:

Updated base kernel for the 2.6-based SELinux to 2.6.13.
Enabled atomic security labeling of new inodes (ext2, ext3, tmpfs).
Provided generic VFS fallback for security attributes.
Reduced memory use by the policy (avtab).
Merged support for default labeling of MLS field.
Merged policy module support.
Merged libsepol abstraction/organization patches.
Merged context translation support.

22 June 2005

An updated public release of SELinux was made available today. Some highlights of this release are listed below:

Updated base kernel for the 2.6-based SELinux to 2.6.12.
Moved experimental SELinux NFS code to the historical versions page.
Added name_connect permission check.
Merged execstack and execheap permission checks.
Merged hierarchical role and type support.
Merged booleans.local support.
Added audit2why utility.
Merged updated version of setools.
Merged updated version of polgen.
Updated the Contributors page.
Updated the selinux-doc/CREDITS file.
Converted libsepol to LGPL.
Merged many policy patches.

9 March 2005

An updated public release of SELinux was made available today. Some highlights of this release are listed below:

Updated base kernel for the 2.6-based SELinux to 2.6.11.
Updated experimental SELinux NFS code.
Merged enhanced MLS support.
Added check-requested-protection mode for mmap/mprotect hooks.
Fixed several bugs in error handling code for policy loading.
Fixed inode_setattr bug in handling force flag.
Merged customizable_types support.
Merged file_contexts.local and file_contexts.homedir support.
Merged updated fixfiles and genhomedircon scripts.
Added sepol_genusers and local.users support.
Merged open_init_pty helper for run_init.
Rewrote setfiles to use matchpathcon.
Updated the Implementing SELinux as a Linux Security Module technical report.
Updated the Configuring the SELinux Policy technical report.
Updated the Contributors page.
Updated the selinux-doc/CREDITS file.
Merged libselinux fixes.
Merged many policy patches.
Merged updated version of setools.
Merged updated versions of slat and polgen.

7 January 2005

An updated public release of SELinux was made available today. Some highlights of this release are listed below:

Updated base kernel for the 2.6-based SELinux to 2.6.10.
Updated experimental SELinux NFS code.
Added new controls over ability to make executable mappings.
Updated the Contributors page.
Updated the selinux-doc/CREDITS file.
Reduced release to core SELinux code.
Added security_compute_member policy interface for polyinstantiation.
Eliminated unaligned accesses upon policy load for ia64.
Merged dynamic context transition support.
Merged AVC API and statistics support.
Merged bug fixes for AVC RCU code, seqpacket sockets, load_policy failure.
Merged nodecon ordering and type attribute patches for checkpolicy.
Merged more man pages.
Merged libselinux cleanups.
Relocated libselinux utilities to /usr/sbin to match Fedora.
Merged patches for boolean utilities.
Merged many policy patches.
Merged SGML fixes for selinux-doc.

2 November 2004

An updated public release of SELinux was made available today. Some highlights of this release are listed below:

Updated base kernel for the 2.6-based SELinux to 2.6.9
Updated experimental SELinux NFS code.
Merged mprotect hook fix.
Added DAC check to setxattr of SELinux attribute.
Merged setscheduler deadlock fix.
Merged AVC RCU patches.
Merged sidtab and netif locking fixes.
Preserved port context ordering in checkpolicy.
Merged role dominance fix for checkpolicy.
Merged optimizations and cleanups for libselinux.
Added get_default_context_with_role to libselinux for use by sshd.
Added rpm_execcon to libselinux for use by rpm.
Merged support for file context validation at policy build time.
Merged several patches for policycoreutils.
Merged updated userland patches from Fedora Core 3 devel tree.
Merged updated version of setools.
Added MITRE polgen tool.
Merged many policy patches.

19 August 2004

An updated public release of SELinux was made available today. Some highlights of this release are listed below:

Updated base kernel for the 2.6-based SELinux to 2.6.8.1
Updated experimental SELinux NFS code.
Added revalidation of controlling tty on domain transitions.
Merged fix for name_bind audit data.
Created libsepol for binary policy manipulation.
Converted many policy tunables to booleans.
Enhanced support for using policy booleans.
Merged updated userland patches from Fedora Core 3 devel tree.
Merged patches for newrole, setfiles, restorecon, fixfiles, genhomedircon.
Merged many policy patches.
Merged man pages.

29 June 2004

An updated public release of SELinux was made available today. Some highlights of this release are listed below:

Updated base kernel for the 2.6-based SELinux to 2.6.7.
Updated experimental SELinux NFS code.
Archived 2.4-based SELinux to historical versions page.
Merged fine-grained netlink classes and permissions.
Merged support for new policy layout and multiple policies.
Centralized per-user default_contexts.
Added userspace AVC documentation and man pages.
Merged updated userland patches from Fedora Core devel tree.
Merged enhancements to fixfiles and restorecon.
Merged many policy patches.
Merged updated version of setools.
Merged updated version of slat.

13 May 2004

An updated public release of SELinux was made available today. Some highlights of this release are listed below:

Updated base kernel for the 2.6-based SELinux to 2.6.6.
Updated base kernel for the 2.4-based SELinux to 2.4.26.
Updated experimental SELinux NFS code.
Merged fix for the compute_creds race in the kernel.
Fixed exec ptrace checking race in the SELinux module.
Added runtime disable for the SELinux module.
Merged fix for kernel socket creation.
Changed SELinux module to re-open descriptors to null device.
Changed get_ordered_context_list to omit contexts not listed in default_contexts.
Added X server security classes and access vector definitions.
Merged contributed libselinux man pages.
Merged updated userland patches from Fedora Core 2 devel.
Merged many policy patches.
Merged updated version of setools.

8 April 2004

An updated public release of SELinux was made available today. Some highlights of this release are listed below:

Updated base kernel for the 2.6-based SELinux to 2.6.5.
Updated experimental SELinux NFS code.
Merged revised mount context option handling.
Merged ipv6 support.
Merged node receive check bug fix.
Merged compute_av and sk_free_security bug fixes.
Merged several patches to setfiles and restorecon.
Merged init_selinuxmnt bug fix.
Merged patches to genhomedircon script.
Merged sestatus utility.
Merged many policy patches.

12 March 2004

An updated public release of SELinux was made available today. Some highlights of this release are listed below:

Updated base kernel for the 2.4-based SELinux to 2.4.25. The base kernel for the 2.6-based SELinux remains at 2.6.3, but the SELinux patch against 2.6.3 has been updated.
Added experimental SELinux NFS code.
Merged fine-grained boolean labeling support (2.6 only).
Fixed security_d_instantiate hook call in d_splice_alias.
Merged MLS support patches for SELinux module and libselinux.
Enhanced userspace AVC to handle netlink selinux notifications.
Added matchpathcon function to libselinux.
Added module and policy technical reports to selinux-doc.
Merged updated version of slat.
Fixed mmap bug in checkpolicy.
Merged genhomedircon patch.
Merged many policy patches.
Added OpenPGP signatures.

23 February 2004

An updated public release of SELinux was made available today. The entire National Security Agency website, including the SELinux web pages, was updated to a new style. Some highlights of this release are listed below:

Updated base kernels to 2.6.3 and 2.4.24.
Merged port-based controls (2.6 only).
Merged getpeercon support (2.6 only).
Merged support for mount context options (2.6 only).
Merged conditional policy extensions (2.6 only).
Merged netlink policyload notification support (2.6 only).
Enhanced policy language (type exclusion, typealias).
Added userspace AVC to libselinux.
Changed libselinux to discover selinuxfs mount point at runtime.
Eliminated need for run_init.
Reworked su domain to support using pam_selinux with it.
Added a SELinux check to pam_rootok.
Merged fixes for setfiles.
Added several scripts to policycoreutils.
Merged many policy patches.

5 December 2003

An updated public release of SELinux was made today. Some highlights of this release are listed below:

Updated base kernel for 2.6-based SELinux to 2.6.0-test11.
Updated base kernel for 2.4-based SELinux to 2.4.23.
Updated userland SRPMS to latest Fedora packages.
Added controls over inheritance of signal-related state and resource limits (2.6 only).
Reimplemented network interface and node controls (2.6 only).
Added pam_selinux module, transitioned login to use it.
Added patched SysVinit program, obsoletes modified initrd.
Merged updated versions of setools and slat.
Merged patch to newrules.pl, renamed to audit2allow, moved into policycoreutils.
Merged setfiles optimization and cleanup.
Changed get_ordered_context_list to support a failsafe context.
Changed is_selinux_enabled to check /proc/filesystems.
Merged some 64bit cleanups.
Drop dependencies on libattr.

1 October 2003

An updated public release of SELinux was made today. Some highlights of this release are listed below:

Updated base kernel for 2.6-based SELinux to 2.6.0-test6.
Added selinux kernel boot parameter.
Added dname to audit output when a path cannot be generated.
Changed LSM API to pass nameidata to inode_permission for pathname generation (2.6 only).
Fixed bug in context conversion code for policy reloads.
Updated SRPMS to latest Red Hat packages.
Updated several of the SELinux userland patches.
Added patched star package.
Merged MLS build and configuration patches.
Added new version of Tresys policy tools (setools).
Added first public release of MITRE policy tool (slat).
Fixed linking bug in libselinux.
Merged policycoreutils i18n patch.
Merged run_init close file patch.
Merged setfiles altroot, cleanup, and stem compression patches.
Merged checkpolicy man page.

13 August 2003

An updated public release of SELinux was made today. Some highlights of this release are listed below:

Updated base kernel version for 2.6-based SELinux to 2.6.0-test3. The SELinux module has been merged into the mainline kernel as of 2.6.0-test3.
Added new 2.4-based SELinux (back port of 2.6-based SELinux). This provides the same API and xattr support as the 2.6-based SELinux. The old 2.4-based SELinux is still available, but is no longer being actively maintained.
Added OLS 2003 SELinux BOF slides.
Merged several fixes and cleanups for libselinux.
Fixed a bug in checkpolicy.
Merged improvement to chcon utility.
Merged contributed policy patches.

11 July 2003

An updated public release of SELinux was made today. Some highlights of this release are listed below:

Updated base kernel versions to 2.5.74 and 2.4.21.
Completed SELinux API redesign and xattr support (2.5-based SELinux).
Ported SELinux daemon and utility patches to new SELinux API (2.5-based SELinux).
Added AT_SECURE auxv entry.
Reworked bprm hook permission checking.
Overload nosuid to also prevent context transitions.
Added the Securing the X Window System with SELinux report.
Merged updated setools 20030609.
Merged contributed setfiles altroot patch.
Merged contributed policy and build patches.

7 April 2003

An updated public release of SELinux was made today. Some highlights of this release are listed below:

Added ARM port of SELinux.
Added Mainline 2.5-based SELinux.
Updated the base 2.5 kernel version to 2.5.66. Note that 2.5.66 mainline includes the remaining non-networking hooks required for SELinux.
The base 2.4 kernel version remains at 2.4.20, but the 2.4 LSM patch and SELinux module have changed since the last release.
Added a separate CONFIG_SECURITY_NETWORK option for the socket and networking hooks.
Separated core policy and started audit/reduction.
Improved setfiles logic.
Fixed bug in SELinux swapoff hook.
Fixed bug in SELinux ptrace checks.
Merged contributed usermod/group patch.
Merged updated versions of contributed policy tools.
Merged contributed policy patches.

15 January 2003

An updated public release of the LSM-based SELinux prototype was made today. See selinux/ChangeLog for a detailed summary of the changes. A few highlights are listed below:

Updated the base 2.5 kernel version to 2.5.58. The base 2.4 kernel version remains at 2.4.20, but the LSM patch and the SELinux module for 2.4 have changed since the last release.
Back ported changes to make LSM configurable from 2.5 to 2.4.
Added hooks for xattr operations to 2.4.
Reworked inode security initialization using d_instantiate hook.
Fixed nfsd private file bug in 2.4.
Fixed task_kill bug in 2.5.
Updated the Configuring the SELinux Policy technical report.
Merged contributed policy analysis and management tools.
Updated the Contributors page.

12 December 2002

An updated public release of the LSM-based SELinux prototype was made today. See selinux/ChangeLog for a detailed summary of the changes. A few highlights are listed below:

Updated the base 2.4 kernel version to 2.4.20.
Updated the base 2.5 kernel version to 2.5.51.
Revised the SELinux-specific patches for 2.4 and 2.5.
Added initial SID and context for SCMP packets.
Merged contributed policy enhancements and patches.
Updated logrotate patch to logrotate 3.6.5-2.
Fixed private file oversight in LSM.
Fixed inode_doinit bug in SELinux.
Fixed Selopt compile problems.
Updated the Contributors page.
Added a CREDITS file.

22 October 2002

An updated public release of the LSM-based SELinux prototype was made today. See selinux/ChangeLog for a detailed summary of the changes. A few highlights are listed below:

Updated the base 2.5 kernel version to 2.5.44. The base 2.4 kernel version remains at 2.4.19, but many changes have been made to the 2.4 LSM patch and to the 2.4 SELinux module since the last release.
Made further revisions to the LSM sock hooks and the corresponding SELinux hook functions to ensure proper labeling of outgoing packets when the sock is not attached to a user socket.
Exterminated precondition functions from the SELinux module. Added early initialization support and inode_init hooks to the SELinux kernel patch.
Added capability check for KDSKBENT and KDSKBSENT ioctls (loadkeys).
Removed obsolete permissions from access_vectors and policy.
Added signull permission for kill(pid, 0).
Restructured the architecture-specific code in the SELinux module.
Fixed bugs in the audit code, the constraint code, and the persistent label mapping code in the SELinux kernel module.
Changed the modified login, sshd, and crond to use the new libsecure functions and the new /etc/security/default_contexts configuration.
Merged many contributed policy enhancements.
Updated the SELinux tar patch to tar-1.13.25-4.7.1.
Fixed bugs in setfiles, suseradd, and the fileutils patch.

23 August 2002

A bit of good news: The LSM patch is finally being merged into the mainstream Linux 2.5 kernel. As of Linux 2.5.27, the base LSM framework and hooks for task operations and program loading operations have been merged. As of Linux 2.5.29, the hooks for file-related operations have been merged, although we anticipate some revisions to these hooks back on feedback from the Linux kernel developers. The remaining hooks are pending submission until the file-related hooks have been revised.

An updated public release of the LSM-based SELinux prototype was also made today. See selinux/ChangeLog for a detailed summary of the changes. A few highlights are listed below:

Updated base kernel versions to 2.4.19 and 2.5.31.
Implemented new sock hooks in LSM. These new hooks are in the LSM BitKeeper trees, but not in the LSM snapshot patches yet. Reminder: Use the LSM patches from this site when using SELinux.
Re-implemented SELinux peer SID functionality using new sock hooks. The accept_secure call should now be reliable.
Changed the sysctl hook and /proc/sys labeling to be configurable.
Fixed bugs in auditing logic, PSID mapping code, and ipc permission hook.
Made minor enhancements to checkpolicy and the example policy.
Merged contributed patch implementing support for automatic type transitions on devfs pts nodes.
Merged contributed strace patch for tracing new SELinux calls.
Merged contributed policy enhancements for policy management.
Merged many other contributed policy enhancements.

3 July 2002

An updated public release of the LSM-based SELinux prototype was made. See selinux/ChangeLog for a detailed summary of the changes. A few highlights are listed below:

Made many policy sections optional.
Changed the audit configuration syntax to be more intuitive.
Added explicit type attribute declarations.
Generalized the filesystem labeling support and made it configurable.
Updated the Configuring the SELinux Policy technical report.
Merged many contributed domains and policy changes.
Improved support for minimal initrd policies.
Implemented labeling for kernel-generated IGMP and ICMP traffic.
Updated the 2.5 kernel version to 2.5.24.
Updated the openssh patch to openssh-3.4p1.

31 May 2002

An updated public release of the LSM-based SELinux prototype was made. See selinux/ChangeLog for a detailed summary of the changes. A few highlights are listed below:

Updated the Implementing SELinux as a Linux Security Module technical report.
Updated the 2.5 kernel version to 2.5.19.
Encapsulated the extended socket call processing and made it optional.
Implemented connection peer SID lists for accept_secure.
Added support for selecting enforcing mode at boot/insertion time.
Enhanced the MLS support.

2 May 2002

An updated public release of the LSM-based SELinux prototype was made. See selinux/ChangeLog for a detailed summary of the changes. A few highlights are listed below:

Added the Configuring the SELinux Policy technical report.
Added the Implementing SELinux as a Linux Security Module technical report.
Updated the 2.5 kernel version to 2.5.10.
Implemented the internal processing for the extended socket calls.
Merged many contributed domains and policy changes.
Partitioned the file contexts configuration and relocated it under policy.
Added a magic number and string identifier to the binary policy header.
Relocated the binary policy's installation location.
Fixed SMP problems in the security server, AVC, and hook functions.
Merged the contributed devfsd module.
Merged the contributed setfiles -s option.
Changed checkpolicy to accept nested brackets and empty statements.
Added support for reloading the policy from the real root filesystem after a pivot.

14 March 2002

An updated public release of the LSM-based SELinux prototype was made. See selinux/ChangeLog for a detailed summary of the changes. A few highlights are listed below:

Updated the base kernel versions to 2.4.18 and 2.5.6.
Updated the remaining base utility versions to the RH7.2 SRPMS (contributed).
Updated base version for openssh to openssh-3.1p1-2.
Merged contributed support for a default user (user_u).
Merged several contributed domains (snort, pppd, nscd, squid).
Merged contributed labeled networking support.
Started adapting SELinux for the labeled networking support.
Added support for usbdevfs.
Deprecated clone statements and role transition rules.
Started partitioning the every.te rules.
Partitioned the role declarations and domain transitions.
Reorganized policy directory.
Started cleaning up domains to provide better encapsulation.
Encapsulated architecture-specific components of libsecure.

18 January 2002

The SELinux web site was updated in the following ways:

The stable (2.4) LSM-based SELinux prototype was updated to kernel 2.4.17 and was updated to include a number of bug fixes and minor enhancements made since the previous release. See selinux/ChangeLog for a summary of changes since the previous release.
A new development (2.5) LSM-based SELinux prototype based on kernel 2.5.2 was added to the site.
The original SELinux prototype has been reduced to just the 2.2.19 and 2.4.3 kernel patches for historical reference. The technical report describing the design and implementation of the original 2.2 kernel patch is also still available for historical reference.

10 December 2001

The fifth public release of the LSM-based SELinux prototype was made. This release is based on the lsm-full-2001_12_10 patch against kernel 2.4.16. See selinux/ChangeLog for a detailed summary of the changes. A few highlights are listed below:

Merged the SELinux module into the LSM tree.
Updated SELinux module to lsm-full-2001_12_10 against kernel 2.4.16.
Updated openssh patch to openssh-2.9p2-12.
Updated procps patch to procps-2.0.7-11.
Updated sh-utils patch to sh-utils-2.0.11-5.
Updated fileutils patch to fileutils-4.1-4.
Updated swapon and swapoff hook functions.
Added stat64 variants of stat_secure system calls.
Added SELinux option help text to Configure.help.
Added default Security option settings to defconfig.
Changed to use -selinux rather than -lsm suffix.
Revised AVC auditing.
Added quick install.
Fixed bug in selinux_inode_delete.
More bug fixes for newrole.

19 November 2001

The fourth public release of the LSM-based SELinux prototype was made. This release is based on the lsm-2001_11_05 patch against kernel 2.4.14. See selinux/ChangeLog for a detailed summary of the changes. A few highlights are listed below:

Updated openssh patch to openssh-2.9p2
Updated util-linux patch to util-linux-2.11f.
Updated vixie-cron patch to vixie-cron-3.0.1-63.
Added logrotate patch for logrotate-3.5.9.
More policy updates.
Added ext3 as a recognized type for persistent labeling.
Added missing getscheduler hook function.
Added check_sb hook function.
Separated checkpolicy code and build from module.
Fixed a bug in load_policy.
Bug fixes in newrole.
Reimplemented execve_secure via general security system call.
Moved development and MLS options back into kernel configuration.
Significant code cleanup.
Updated to 2.4.14 (with loop fix).

16 October 2001

The third public release of the LSM-based SELinux prototype was made. This release contains several bug fixes and improvements to both LSM and SELinux and is based on the lsm-2001_10_11 patch against kernel 2.4.12. See selinux/ChangeLog for a detailed summary of the changes. A few highlights are listed below:

Added support for stacking the capabilities security module.
Added domain for ssh client program.
Added contributed named and gdm domains.
Added more permissions to the example policy.
Changed extended IPC calls to work when built as a separate module.
Added run_init utility and domain for running init scripts in the correct context.
Updated to 2.4.12 (with parport fix).

26 September 2001

The second public release of the LSM-based SELinux prototype was made. This release contains many bug fixes and improvements to both LSM and SELinux and is based on the lsm-2001_09_23 patch against kernel 2.4.10. See selinux/ChangeLog for a detailed summary of the changes. A few highlights are listed below:

Added hooks for controlling Unix domain socket IPC.
Reworked message queue hooks to address pipelined IPC.
Added hooks for several miscellaneous system operations.
Added security class for PF_KEY sockets.
Merged contributed IPSEC domain.
Added configurable support for labeling devfs entries.
Implemented msgsid, shmsid, and semsid calls.
Changed to use safe memory allocation flags and semaphore operations when in interrupt context.
Fixed various synchronization problems.
Added inline documentation for LSM security hooks.
Added overview document for LSM
Updated to 2.4.10.

23 August 2001

The new SELinux prototype that uses the Linux Security Modules (LSM) kernel patch is now available for download. In this release, we are using a kernel patch based on the lsm-2001_08_16 patch against kernel 2.4.9.
Papers published about SELinux at Freenix and OLS are now available.
A few minor bug fixes were applied to the original SELinux prototype.

12 April 2001

Kernel patches are now provided for 2.4.3 and 2.2.19.
Small updates were made to the example policy configuration.

16 March 2001

Updated information on the developers' mailing list and archives was made available.
Answers to Frequently Asked Questions were added to the site.
Kernel patches are now provided for 2.4.2 and 2.2.18.

The 2.4.2 patch includes changes to virtualize the persistent SID mapping interfaces and the file mandatory access controls.
The 2.2.18 patch includes several bug fixes to the old 2.2-based patch. It also includes a new implementation of System V IPC mandatory access controls. These controls have not yet been ported to the 2.4 kernel.
Both the 2.2.18 and 2.4.2 patches incorporate a change in the implementation of the new system calls that is not backward compatible with the old implementation. Hence, the updated libsecure must be compiled and all modified utilities must be relinked against it.

The util-linux patch is now provided for the util-linux-2.10s sources from kernel.org.
The procps patch is now provided for the procps-010114 sources from http://www.cs.uml.edu/~acahalan/procps.
The vixie-cron patch is now provided for the vixie-cron-3.0.1-61 sources from Red Hat.
A small fix was made to the spasswd wrapper program to ensure that it is not mistakenly used by an administrator to try to change another user's password. A README was added to explain the purpose of this program.
The shadow password file is no longer moved by the installation scripts, and the modified versions of libpwdb, sulogin, and the shadow utilities are no longer provided. The relocation of the shadow password file was creating compatibility problems with a number of applications despite the updated libpwdb. A different approach for maintaining a separate security context on the shadow password file will be implemented in the future.
The modified versions of rshd and wu-ftpd were removed from the distribution and each of these daemons were limited to their initial domain in the example policy configuration.

2 January 2001

Updated source code and patches were made available. This addressed:

moving the numbers of the new system calls to avoid conflicts
fixing the buffer overflow problem discovered in the find_default_type function in libsecure
removed extra ';' in policy grammar
minor adjustments in kernel/flask/Makefile

The press release was added to the site.

22 December 2000 - First Public Release

The first public release was made available. The release is based on kernel version 2.2.12 and Red Hat version 6.1 utilities. This release contains mandatory access controls for the major kernel subsystems and an example security policy configuration that demonstrates how to use these controls to meet several security goals. There is still significant work ahead to provide mandatory access controls for all kernel services and to provide a complete general purpose security policy configuration.

Linux is a registered trademark of Linus Torvalds
MITRE is a registered trademark of The MITRE Corporation
Red Hat is a registered trademark of Red Hat, Inc. in the US and other countries.

Date Posted: Jan 15, 2009 | Last Modified: Jan 15, 2009 | Last Reviewed: Jan 15, 2009

bottom