This page describes in general terms the updates that have
been made to the SELinux web pages since the first release of
SELinux in December 2000.
15 September 2008
The SELinux web site was updated today. Source code for the core
SELinux userland has migrated to the SELinux
userspace project and is no longer available from this site.
11 June 2008
An updated public release of SELinux was made available today.
Some highlights of this release are listed below:
- New support for permissive domains in libsepol and checkpolicy.
- New support for user and role remapping in libsepol (required for use in optionals).
- Fixed endianness bug in handling network node addresses in libsepol.
- Fixed semanage port to use --proto.
- Updated audit2allow to report dontaudit cases.
- Revised the policy load logic in libselinux to try loading the highest policy version supported by the kernel or by libsepol.
- Fixed matchpathcon -V support and changed it to report success/failure via exit status.
- Fixed memory leaks in matchpathcon in libselinux.
5 March 2008
An updated public release of SELinux was made available today.
Some highlights of this release are listed below:
- Added a Related Work page.
- New support for policy capabilities in libsepol and checkpolicy.
- Deprecated role dominance in checkpolicy.
- New support for X label namespaces in libselinux.
- New avc_compute_member interface in libselinux.
- New avc_open interface in libselinux.
- New selinux_get_callback interface in libselinux.
- New support for per-object-manager enforcing mode in libselinux.
- New audit2why python bindings in libselinux.
- Updated audit2allow to use audit2why python bindings.
- Updated sepolgen to generate role type declarations.
- Fixed genhomedircon support in libsemanage.
- Reduced memory usage by libsemanage and libsepol.
- New support for initial policy load in load_policy.
- Improved error reporting for load policy.
- Improved error reporting for neverallow failures.
- New support for non-interactive use in newrole.
- Optimized matchpathcon by deferring regex compilation.
- New support for setting handle-unknown via semanage.conf.
25 September 2007
An updated public release of SELinux was made available today.
Some highlights of this release are listed below:
- Support for object class and permission discovery and mapping in libselinux.
- New interfaces for label matching (selabel) in libselinux, obsoletes matchpathcon.
- Support for the handle_unknown policy flag in libsepol and checkpolicy.
- Support for disabling all dontaudit rules via semodule -DB.
- Support per-command pam configurations for newrole.
- Expand sepolgen to parse all refpolicy modules, interface calls with lists, role and range transitions.
- Coalesced setfiles and restorecon into a single program.
- Improved error reporting for libsemanage and semodule.
- Rewrite of setfiles to use new selabel interfaces.
- Eliminated unaligned accesses from libsepol policy reading code.
- Rewrite of genhomedircon script as part of libsemanage.
- Build options for embedded systems for libselinux.
- Refactored swig bindings for libselinux.
22 March 2007
An updated public release of SELinux was made available today.
Some highlights of this release are listed below:
- Added a release generated from the new development series.
This release introduces the new sepolgen python module for policy
generation and a rewrite of audit2allow to use it.
- Provided an updated release of the stable branch with
several bug fixes and cleanups.
- Added several papers and presentations from the 2007 SELinux
Symposium.
23 January 2007
An updated public release of SELinux was made available today.
Some highlights of this release are listed below:
- Merged semodule support for specifying lists of modules.
- Merged libsemanage support for reducing disk usage by the policy store.
- Merged newrole rewrite for namespace support.
- Merged newrole securetty context checking for level changes.
- Merged translation support for semanage.
- Changed checkpolicy to accept identifiers with hyphens.
- Merged setsebool bug fix for unmanaged systems.
- Merged newrole bug fixes for child exit status and descriptors.
- Merged libsepol bug fix for writing old range transition rules.
- Merged libsepol bug fix for adding a user in a non-MLS module.
- Merged build change to use -fPIC rather than -fpic.
18 October 2006
An updated public release of SELinux was made available today.
Some highlights of this release are listed below:
- Fixed optionals in base support (libsepol, checkpolicy).
- Merged extended range transition support (libsepol, checkpolicy).
- Merged setrans client support (libselinux).
- Merged keycreate and sockcreate interfaces (libselinux).
- Merged file context sorting code from refpolicy (libsemanage).
- Merged netfilter contexts support (libsepol, libsemanage, policycoreutils).
- Merged separate file_contexts.local support (libsemanage, policycoreutils).
- Merged secon utility (policycoreutils).
- Merged restorecond daemon (policycoreutils).
- Merged semodule_deps utility (policycoreutils).
15 March 2006
An updated public release of SELinux was made available today.
Some highlights of this release are listed below:
- Updated base kernel for the 2.6-based SELinux to 2.6.16-rc6.
- Fixed SELinux ptrace bug (CVE-2006-1052).
- Fixed inode security structure memory leak.
- Merged several selinuxfs fixes and cleanups.
- Added AUDIT and SECURITY_NETWORK as dependencies for SELinux.
- Merged IPSEC hooks for implicit packet labeling.
- Merged XFS support for inode security labeling.
- Merged audit functionality for newrole and semanage.
- Merged support for manipulation of active booleans, ports, nodes, and file contexts into libsepol/libsemanage/semanage.
- Merged support for including seusers and users_extra in policy packages into libsepol/libsemanage/policycoreutils.
- Merged support for optionals in base policy module.
- Fixed role dominance support in checkpolicy.
- Merged optimizations for libselinux, libsepol, libsemanage, setfiles and restorecon.
- Moved example policy to the historical versions page.
- Updated the Implementing SELinux as a Linux Security Module technical report.
7 December 2005
An updated public release of SELinux was made available today.
Some highlights of this release are listed below:
- Updated base kernel for the 2.6-based SELinux to 2.6.14.
- Merged support for returning the canonical incore security context
for all filesystem types.
- Extended selinuxfs context interface to allow returning the
canonical form of the context to userspace and updated matchpathcon
and setfiles to use this support when present to avoid context aliasing
problems.
- Merged seusers support for mapping Linux users to SELinux users
and ranges without requiring policy modifications.
- Merged major enhancements to libsemanage, libsepol, and policycoreutils
for the policy management infrastructure.
- Merged many enhancements and bug fixes to libsepol,
checkpolicy, and policycoreutils for the policy module support.
- Merged man pages for module utilities.
- Centralized and enhanced the policy loading logic.
- Merged many policy patches.
7 September 2005
An updated public release of SELinux was made available today.
Some highlights of this release are listed below:
- Updated base kernel for the 2.6-based SELinux to 2.6.13.
- Enabled atomic security labeling of new inodes (ext2, ext3, tmpfs).
- Provided generic VFS fallback for security attributes.
- Reduced memory use by the policy (avtab).
- Merged support for default labeling of MLS field.
- Merged policy module support.
- Merged libsepol abstraction/organization patches.
- Merged context translation support.
22 June 2005
An updated public release of SELinux was made available today.
Some highlights of this release are listed below:
- Updated base kernel for the 2.6-based SELinux to 2.6.12.
- Moved experimental SELinux NFS code to the historical versions page.
- Added name_connect permission check.
- Merged execstack and execheap permission checks.
- Merged hierarchical role and type support.
- Merged booleans.local support.
- Added audit2why utility.
- Merged updated version of setools.
- Merged updated version of polgen.
- Updated the Contributors page.
- Updated the selinux-doc/CREDITS file.
- Converted libsepol to LGPL.
- Merged many policy patches.
9 March 2005
An updated public release of SELinux was made available today.
Some highlights of this release are listed below:
- Updated base kernel for the 2.6-based SELinux to 2.6.11.
- Updated experimental SELinux NFS code.
- Merged enhanced MLS support.
- Added check-requested-protection mode for mmap/mprotect hooks.
- Fixed several bugs in error handling code for policy loading.
- Fixed inode_setattr bug in handling force flag.
- Merged customizable_types support.
- Merged file_contexts.local and file_contexts.homedir support.
- Merged updated fixfiles and genhomedircon scripts.
- Added sepol_genusers and local.users support.
- Merged open_init_pty helper for run_init.
- Rewrote setfiles to use matchpathcon.
- Updated the Implementing SELinux as a Linux Security Module technical report.
- Updated the Configuring the SELinux Policy technical report.
- Updated the Contributors page.
- Updated the selinux-doc/CREDITS file.
- Merged libselinux fixes.
- Merged many policy patches.
- Merged updated version of setools.
- Merged updated versions of slat and polgen.
7 January 2005
An updated public release of SELinux was made available today.
Some highlights of this release are listed below:
- Updated base kernel for the 2.6-based SELinux to 2.6.10.
- Updated experimental SELinux NFS code.
- Added new controls over ability to make executable mappings.
- Updated the Contributors page.
- Updated the selinux-doc/CREDITS file.
- Reduced release to core SELinux code.
- Added security_compute_member policy interface for polyinstantiation.
- Eliminated unaligned accesses upon policy load for ia64.
- Merged dynamic context transition support.
- Merged AVC API and statistics support.
- Merged bug fixes for AVC RCU code, seqpacket sockets, load_policy failure.
- Merged nodecon ordering and type attribute patches for checkpolicy.
- Merged more man pages.
- Merged libselinux cleanups.
- Relocated libselinux utilities to /usr/sbin to match Fedora.
- Merged patches for boolean utilities.
- Merged many policy patches.
- Merged SGML fixes for selinux-doc.
2 November 2004
An updated public release of SELinux was made available today.
Some highlights of this release are listed below:
- Updated base kernel for the 2.6-based SELinux to 2.6.9.
- Updated experimental SELinux NFS code.
- Merged mprotect hook fix.
- Added DAC check to setxattr of SELinux attribute.
- Merged setscheduler deadlock fix.
- Merged AVC RCU patches.
- Merged sidtab and netif locking fixes.
- Preserved port context ordering in checkpolicy.
- Merged role dominance fix for checkpolicy.
- Merged optimizations and cleanups for libselinux.
- Added get_default_context_with_role to libselinux for use by sshd.
- Added rpm_execcon to libselinux for use by rpm.
- Merged support for file context validation at policy build time.
- Merged several patches for policycoreutils.
- Merged updated userland patches from Fedora Core 3 devel tree.
- Merged updated version of setools.
- Added MITRE polgen tool.
- Merged many policy patches.
19 August 2004
An updated public release of SELinux was made available today.
Some highlights of this release are listed below:
- Updated base kernel for the 2.6-based SELinux to 2.6.8.1.
- Updated experimental SELinux NFS code.
- Added revalidation of controlling tty on domain transitions.
- Merged fix for name_bind audit data.
- Created libsepol for binary policy manipulation.
- Converted many policy tunables to booleans.
- Enhanced support for using policy booleans.
- Merged updated userland patches from Fedora Core 3 devel tree.
- Merged patches for newrole, setfiles, restorecon, fixfiles, genhomedircon.
- Merged many policy patches.
- Merged man pages.
29 June 2004
An updated public release of SELinux was made available today.
Some highlights of this release are listed below:
- Updated base kernel for the 2.6-based SELinux to 2.6.7.
- Updated experimental SELinux NFS code.
- Archived 2.4-based SELinux to historical versions page.
- Merged fine-grained netlink classes and permissions.
- Merged support for new policy layout and multiple policies.
- Centralized per-user default_contexts.
- Added userspace AVC documentation and man pages.
- Merged updated userland patches from Fedora Core devel tree.
- Merged enhancements to fixfiles and restorecon.
- Merged many policy patches.
- Merged updated version of setools.
- Merged updated version of slat.
13 May 2004
An updated public release of SELinux was made available today.
Some highlights of this release are listed below:
- Updated base kernel for the 2.6-based SELinux to 2.6.6.
- Updated base kernel for the 2.4-based SELinux to 2.4.26.
- Updated experimental SELinux NFS code.
- Merged fix for the compute_creds race in the kernel.
- Fixed exec ptrace checking race in the SELinux module.
- Added runtime disable for the SELinux module.
- Merged fix for kernel socket creation.
- Changed SELinux module to re-open descriptors to null device.
- Changed get_ordered_context_list to omit contexts not listed in default_contexts.
- Added X server security classes and access vector definitions.
- Merged contributed libselinux man pages.
- Merged updated userland patches from Fedora Core 2 devel.
- Merged many policy patches.
- Merged updated version of setools.
8 April 2004
An updated public release of SELinux was made available today.
Some highlights of this release are listed below:
- Updated base kernel for the 2.6-based SELinux to 2.6.5.
- Updated experimental SELinux NFS code.
- Merged revised mount context option handling.
- Merged ipv6 support.
- Merged node receive check bug fix.
- Merged compute_av and sk_free_security bug fixes.
- Merged several patches to setfiles and restorecon.
- Merged init_selinuxmnt bug fix.
- Merged patches to genhomedircon script.
- Merged sestatus utility.
- Merged many policy patches.
12 March 2004
An updated public release of SELinux was made available today.
Some highlights of this release are listed below:
- Updated base kernel for the 2.4-based SELinux to 2.4.25.
The base kernel for the 2.6-based SELinux remains at 2.6.3,
but the SELinux patch against 2.6.3 has been updated.
- Added experimental SELinux NFS code.
- Merged fine-grained boolean labeling support (2.6 only).
- Fixed security_d_instantiate hook call in d_splice_alias.
- Merged MLS support patches for SELinux module and libselinux.
- Enhanced userspace AVC to handle netlink selinux notifications.
- Added matchpathcon function to libselinux.
- Added module and policy technical reports to selinux-doc.
- Merged updated version of slat.
- Fixed mmap bug in checkpolicy.
- Merged genhomedircon patch.
- Merged many policy patches.
- Added OpenPGP signatures.
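The matchpathcon function added to libselinux in this release, the file_contexts.local and file_contexts.homedir support of 9 March 2005, the selabel interfaces of 25 September 2007 and the deferred regex compilation of 5 March 2008 all rest on the same lookup over the file_contexts format: entries are anchored regexes with an optional file-type column, the files are loaded base first and local last, and the last matching entry wins. The Python below is an added example of that lookup written for this page; it is not libselinux code and not from this site. The file_contexts and file_contexts.local samples are constructed, and the stem check is a deliberately simplified form of the one libselinux uses.

```python
import re
import stat

# Constructed sample laid out like a file_contexts file (not copied from any distribution).
# Columns: anchored regex, optional file type (-- regular, -d dir, -l symlink, ...), context.
FILE_CONTEXTS = """\
/.*                         system_u:object_r:default_t:s0
/etc(/.*)?                  system_u:object_r:etc_t:s0
/etc/shadow.*        --     system_u:object_r:shadow_t:s0
/var/www(/.*)?              system_u:object_r:httpd_sys_content_t:s0
/var/www/cgi-bin(/.*)?      system_u:object_r:httpd_sys_script_exec_t:s0
/proc/.*                    <<none>>
"""
# Constructed file_contexts.local: appended after the base file, so its entries take precedence.
FILE_CONTEXTS_LOCAL = """\
/var/www/private(/.*)?      system_u:object_r:httpd_sys_rw_content_t:s0
"""

REGULAR_FILE, DIRECTORY = stat.S_IFREG, stat.S_IFDIR  # handy st_mode format values
FILETYPE_TO_MODE = {
    "--": stat.S_IFREG, "-d": stat.S_IFDIR, "-l": stat.S_IFLNK, "-c": stat.S_IFCHR,
    "-b": stat.S_IFBLK, "-s": stat.S_IFSOCK, "-p": stat.S_IFIFO,
}
REGEX_METACHARS = set(".^$?*+|[](){}\\")
CONTEXT_SYNTAX = re.compile(r"^[^:\s]+:[^:\s]+:[^:\s]+(:\S+)?$")  # user:role:type[:range]

def first_component(path):
    """'/etc/shadow' -> '/etc'; None when there is no second slash ('/etc', '/.*')."""
    i = path.find("/", 1)
    return path[:i] if i > 0 else None

def spec_stem(regex):
    """Literal leading directory of a spec, or None if it holds regex metacharacters.
    Simplified form of libselinux's stem check: a plain string comparison rejects
    most specs without compiling or running their regex."""
    comp = first_component(regex)
    if comp is None or any(c in REGEX_METACHARS for c in comp):
        return None
    return comp

class Spec:
    def __init__(self, regex, ftype, context):
        self.regex_src = regex
        self.mode = FILETYPE_TO_MODE[ftype] if ftype else None
        self.context = None if context == "<<none>>" else context  # <<none>>: leave alone
        self.stem = spec_stem(regex)
        self._compiled = None  # built on first use: deferred regex compilation

    def matches(self, path, mode):
        if self.mode is not None and mode is not None and stat.S_IFMT(mode) != self.mode:
            return False  # file-type column does not match the object's type
        if self.stem is not None and first_component(path) != self.stem:
            return False  # cheap rejection, regex never compiled
        if self._compiled is None:
            self._compiled = re.compile("^" + self.regex_src + "$")  # specs match the whole path
        return self._compiled.match(path) is not None

class FileContexts:
    def __init__(self):
        self.specs = []

    def load(self, text):
        """Append one file's specs; later files (homedir, local) override earlier ones."""
        for lineno, raw in enumerate(text.splitlines(), 1):
            line = raw.strip()
            if not line or line.startswith("#"):
                continue
            fields = line.split()
            if len(fields) == 2:
                regex, ftype, context = fields[0], None, fields[1]
            elif len(fields) == 3 and fields[1] in FILETYPE_TO_MODE:
                regex, ftype, context = fields
            else:
                raise ValueError(f"line {lineno}: expected 'regex [filetype] context': {raw!r}")
            if context != "<<none>>" and not CONTEXT_SYNTAX.match(context):
                raise ValueError(f"line {lineno}: malformed context {context!r}")
            self.specs.append(Spec(regex, ftype, context))
        return self

    def lookup(self, path, mode=None):
        """Context of the LAST matching spec (libselinux scans from the end of the list);
        None means <<none>>; LookupError means no spec matched at all."""
        for spec in reversed(self.specs):
            if spec.matches(path, mode):
                return spec.context
        raise LookupError(f"no file_contexts entry matches {path!r}")

    def compiled_count(self):
        """How many regexes have actually been compiled so far."""
        return sum(1 for s in self.specs if s._compiled is not None)

def load_sample():
    return FileContexts().load(FILE_CONTEXTS).load(FILE_CONTEXTS_LOCAL)
```

Two points worth noticing when running it: looking up /etc/shadow as a regular file compiles exactly one regex, because every other spec is rejected on its stem or its file-type column first; and the same path looked up as a directory falls through to the etc_t entry, since the `--` column restricts the shadow_t spec to regular files. The syntax check on the context column only verifies the user:role:type[:range] shape; checking that a context is valid under the loaded policy needs the kernel, which is what the policy-build-time file context validation of 2 November 2004 does.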
23 February 2004
An updated public release of SELinux was made available today. The
entire National Security Agency website, including the SELinux web
pages, was updated to a new style. Some highlights of this release
are listed below:
- Updated base kernels to 2.6.3 and 2.4.24.
- Merged port-based controls (2.6 only).
- Merged getpeercon support (2.6 only).
- Merged support for mount context options (2.6 only).
- Merged conditional policy extensions (2.6 only).
- Merged netlink policyload notification support (2.6 only).
- Enhanced policy language (type exclusion, typealias).
- Added userspace AVC to libselinux.
- Changed libselinux to discover selinuxfs mount point at runtime.
- Eliminated need for run_init.
- Reworked su domain to support using pam_selinux with it.
- Added a SELinux check to pam_rootok.
- Merged fixes for setfiles.
- Added several scripts to policycoreutils.
- Merged many policy patches.
5 December 2003
An updated public release of SELinux was made today.
Some highlights of this release are listed below:
- Updated base kernel for 2.6-based SELinux to 2.6.0-test11.
- Updated base kernel for 2.4-based SELinux to 2.4.23.
- Updated userland SRPMS to latest Fedora packages.
- Added controls over inheritance of signal-related state and resource limits (2.6 only).
- Reimplemented network interface and node controls (2.6 only).
- Added pam_selinux module, transitioned login to use it.
- Added patched SysVinit program, obsoletes modified initrd.
- Merged updated versions of setools and slat.
- Merged patch to newrules.pl, renamed to audit2allow, moved into policycoreutils.
- Merged setfiles optimization and cleanup.
- Changed get_ordered_context_list to support a failsafe context.
- Changed is_selinux_enabled to check /proc/filesystems.
- Merged some 64bit cleanups.
- Dropped dependencies on libattr.
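The audit2allow utility renamed from newrules.pl in this release (and later taught to use the audit2why bindings and to report dontaudit cases, see the 2008 entries above) performs one core transformation: it reads AVC denial records and emits the allow rules that would have permitted them. The Python below is an added example of that transformation written for this page; it is not the audit2allow code and not from this site. The audit records are constructed, in both the auditd form and the dmesg/syslog form, and the last one carries the permissive=1 field that permissive-domain support added to AVC messages.

```python
import re
from collections import defaultdict
from dataclasses import dataclass

# Constructed sample audit records (not captured from a real system).
SAMPLE_AUDIT_LOG = """\
type=AVC msg=audit(1213188000.101:45): avc:  denied  { read } for  pid=1234 comm="httpd" name="index.html" dev=sda1 ino=5678 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:user_home_t:s0 tclass=file
type=AVC msg=audit(1213188000.102:46): avc:  denied  { open } for  pid=1234 comm="httpd" path="/home/bob/public_html/index.html" dev=sda1 ino=5678 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:user_home_t:s0 tclass=file
type=AVC msg=audit(1213188000.103:47): avc:  granted  { setenforce } for  pid=42 comm="setenforce" scontext=unconfined_u:unconfined_r:unconfined_t:s0 tcontext=system_u:object_r:security_t:s0 tclass=security
kernel: audit(1213188000.250:48): avc:  denied  { name_connect } for  pid=1234 comm="httpd" dest=3306 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:mysqld_port_t:s0 tclass=tcp_socket
type=AVC msg=audit(1213188000.300:49): avc:  denied  { write add_name } for  pid=999 comm="mydaemon" name="state" scontext=system_u:system_r:mydaemon_t:s0 tcontext=system_u:object_r:var_lib_t:s0 tclass=dir permissive=1
"""

# Matches only denials; "granted" records and other audit types fall through.
AVC_DENIED = re.compile(
    r"avc:\s+denied\s+\{\s*(?P<perms>[^}]+?)\s*\}\s+for\s+.*?"
    r"scontext=(?P<scontext>\S+)\s+tcontext=(?P<tcontext>\S+)\s+tclass=(?P<tclass>\S+)"
    r"(?:\s+permissive=(?P<permissive>[01]))?"
)

@dataclass(frozen=True)
class Denial:
    source_type: str
    target_type: str
    tclass: str
    perms: frozenset
    permissive: bool  # True: the domain is permissive, so the access actually went through

def context_type(context):
    """Third field of user:role:type[:range]; the range may be absent on older kernels."""
    fields = context.split(":")
    if len(fields) < 3:
        raise ValueError(f"malformed security context: {context!r}")
    return fields[2]

def parse_avc_denials(log_text):
    denials = []
    for line in log_text.splitlines():
        m = AVC_DENIED.search(line)
        if not m:
            continue
        denials.append(Denial(
            source_type=context_type(m["scontext"]),
            target_type=context_type(m["tcontext"]),
            tclass=m["tclass"],
            perms=frozenset(m["perms"].split()),
            permissive=(m["permissive"] == "1"),
        ))
    return denials

def generate_allow_rules(log_text):
    """One allow rule per (source type, target type, class), permissions merged and sorted,
    in the form audit2allow prints: allow src tgt:class { perm perm };"""
    perms_by_key = defaultdict(set)
    for d in parse_avc_denials(log_text):
        perms_by_key[(d.source_type, d.target_type, d.tclass)] |= d.perms
    rules = []
    for (src, tgt, cls), perms in sorted(perms_by_key.items()):
        ordered = sorted(perms)
        perm_str = ordered[0] if len(ordered) == 1 else "{ " + " ".join(ordered) + " }"
        rules.append(f"allow {src} {tgt}:{cls} {perm_str};")
    return rules

def permissive_denials(log_text):
    """Denials logged by permissive domains. These are not enforcement failures: the
    operation succeeded, so the rule only records what the domain really does."""
    return [d for d in parse_avc_denials(log_text) if d.permissive]
```

The caveat that applies to the real tool applies here too: a rule generated this way says only "this access was attempted", not "this access should be allowed". The example does not consult the loaded policy, so unlike audit2why it cannot tell whether a denial came from a missing allow rule, a constraint, a boolean setting, or a dontaudit rule that happened to be exposed with semodule -DB; review each generated rule against what the domain is supposed to do before loading it.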
1 October 2003
An updated public release of SELinux was made today.
Some highlights of this release are listed below:
- Updated base kernel for 2.6-based SELinux to 2.6.0-test6.
- Added selinux kernel boot parameter.
- Added dname to audit output when a path cannot be generated.
- Changed LSM API to pass nameidata to inode_permission for pathname generation (2.6 only).
- Fixed bug in context conversion code for policy reloads.
- Updated SRPMS to latest Red Hat packages.
- Updated several of the SELinux userland patches.
- Added patched star package.
- Merged MLS build and configuration patches.
- Added new version of Tresys policy tools (setools).
- Added first public release of MITRE policy tool (slat).
- Fixed linking bug in libselinux.
- Merged policycoreutils i18n patch.
- Merged run_init close file patch.
- Merged setfiles altroot, cleanup, and stem compression patches.
- Merged checkpolicy man page.
13 August 2003
An updated public release of SELinux was made today.
Some highlights of this release are listed below:
- Updated base kernel version for 2.6-based SELinux to 2.6.0-test3. The SELinux module has been merged into the mainline kernel as of 2.6.0-test3.
- Added new 2.4-based SELinux (back port of 2.6-based SELinux). This provides the same API and xattr support as the 2.6-based SELinux. The old 2.4-based SELinux is still
available, but is no longer being actively maintained.
- Added OLS 2003 SELinux BOF slides.
- Merged several fixes and cleanups for libselinux.
- Fixed a bug in checkpolicy.
- Merged improvement to chcon utility.
- Merged contributed policy patches.
11 July 2003
An updated public release of SELinux was made today.
Some highlights of this release are listed below:
- Updated base kernel versions to 2.5.74 and 2.4.21.
- Completed SELinux API redesign and xattr support (2.5-based SELinux).
- Ported SELinux daemon and utility patches to new SELinux API (2.5-based SELinux).
- Added AT_SECURE auxv entry.
- Reworked bprm hook permission checking.
- Overloaded nosuid to also prevent context transitions.
- Added the Securing the X Window System with SELinux report.
- Merged updated setools 20030609.
- Merged contributed setfiles altroot patch.
- Merged contributed policy and build patches.
7 April 2003
An updated public release of SELinux was made today.
Some highlights of this release are listed below:
- Added ARM port of SELinux.
- Added Mainline 2.5-based SELinux.
- Updated the base 2.5 kernel version to 2.5.66.
Note that 2.5.66 mainline includes the remaining
non-networking hooks required for SELinux.
- The base 2.4 kernel version remains at 2.4.20, but the 2.4
LSM patch and SELinux module have changed since the last release.
- Added a separate CONFIG_SECURITY_NETWORK option for the socket
and networking hooks.
- Separated core policy and started audit/reduction.
- Improved setfiles logic.
- Fixed bug in SELinux swapoff hook.
- Fixed bug in SELinux ptrace checks.
- Merged contributed usermod/group patch.
- Merged updated versions of contributed policy tools.
- Merged contributed policy patches.
15 January 2003
An updated public release of the LSM-based SELinux prototype
was made today. See selinux/ChangeLog for a detailed summary of
the changes. A few highlights are listed below:
- Updated the base 2.5 kernel version to 2.5.58.
The base 2.4 kernel version remains at 2.4.20, but the LSM
patch and the SELinux module for 2.4 have changed since the last release.
- Back ported changes to make LSM configurable from 2.5 to 2.4.
- Added hooks for xattr operations to 2.4.
- Reworked inode security initialization using d_instantiate hook.
- Fixed nfsd private file bug in 2.4.
- Fixed task_kill bug in 2.5.
- Updated the Configuring the SELinux Policy technical report.
- Merged contributed policy analysis and management tools.
- Updated the Contributors page.
12 December 2002
An updated public release of the LSM-based SELinux prototype
was made today. See selinux/ChangeLog for a detailed summary of
the changes. A few highlights are listed below:
- Updated the base 2.4 kernel version to 2.4.20.
- Updated the base 2.5 kernel version to 2.5.51.
- Revised the SELinux-specific patches for 2.4 and 2.5.
- Added initial SID and context for SCMP packets.
- Merged contributed policy enhancements and patches.
- Updated logrotate patch to logrotate 3.6.5-2.
- Fixed private file oversight in LSM.
- Fixed inode_doinit bug in SELinux.
- Fixed Selopt compile problems.
- Updated the Contributors page.
- Added a CREDITS file.
22 October 2002
An updated public release of the LSM-based SELinux prototype
was made today. See selinux/ChangeLog for a detailed summary of
the changes. A few highlights are listed below:
- Updated the base 2.5 kernel version to 2.5.44.
The base 2.4 kernel version remains at 2.4.19, but many changes have been
made to the 2.4 LSM patch and to the 2.4 SELinux module since the last
release.
- Made further revisions to the LSM sock hooks and the
corresponding SELinux hook functions to ensure proper labeling of
outgoing packets when the sock is not attached to a user socket.
- Exterminated precondition functions from the SELinux module.
Added early initialization support and inode_init hooks to the SELinux
kernel patch.
- Added capability check for KDSKBENT and KDSKBSENT ioctls (loadkeys).
- Removed obsolete permissions from access_vectors and policy.
- Added signull permission for kill(pid, 0).
- Restructured the architecture-specific code in the SELinux module.
- Fixed bugs in the audit code, the constraint code, and the persistent label
mapping code in the SELinux kernel module.
- Changed the modified login, sshd, and crond to use the new libsecure
functions and the new /etc/security/default_contexts configuration.
- Merged many contributed policy enhancements.
- Updated the SELinux tar patch to tar-1.13.25-4.7.1.
- Fixed bugs in setfiles, suseradd, and the fileutils patch.
23 August 2002
A bit of good news: The LSM patch is finally being merged into the
mainstream Linux 2.5 kernel. As of Linux 2.5.27, the base LSM
framework and hooks for task operations and program loading operations
have been merged. As of Linux 2.5.29, the hooks for file-related
operations have been merged, although we anticipate some revisions to
these hooks based on feedback from the Linux kernel developers. The
remaining hooks are pending submission until the file-related hooks
have been revised.
An updated public release of the LSM-based SELinux prototype
was also made today. See selinux/ChangeLog for a detailed summary of
the changes. A few highlights are listed below:
- Updated base kernel versions to 2.4.19 and 2.5.31.
- Implemented new sock hooks in LSM. These new hooks are in the LSM
BitKeeper trees, but not in the LSM snapshot patches yet. Reminder:
Use the LSM patches from this site when using SELinux.
- Re-implemented SELinux peer SID functionality using new sock
hooks. The accept_secure call should now be reliable.
- Changed the sysctl hook and /proc/sys labeling to be configurable.
- Fixed bugs in auditing logic, PSID mapping code, and ipc
permission hook.
- Made minor enhancements to checkpolicy and the example policy.
- Merged contributed patch implementing support for automatic type
transitions on devfs pts nodes.
- Merged contributed strace patch for tracing new SELinux calls.
- Merged contributed policy enhancements for policy management.
- Merged many other contributed policy enhancements.
3 July 2002
An updated public release of the LSM-based SELinux prototype
was made. See selinux/ChangeLog for a detailed summary of
the changes. A few highlights are listed below:
- Made many policy sections optional.
- Changed the audit configuration syntax to be more intuitive.
- Added explicit type attribute declarations.
- Generalized the filesystem labeling support and made it configurable.
- Updated the Configuring the SELinux Policy technical report.
- Merged many contributed domains and policy changes.
- Improved support for minimal initrd policies.
- Implemented labeling for kernel-generated IGMP and ICMP traffic.
- Updated the 2.5 kernel version to 2.5.24.
- Updated the openssh patch to openssh-3.4p1.
31 May 2002
An updated public release of the LSM-based SELinux prototype
was made. See selinux/ChangeLog for a detailed summary of
the changes. A few highlights are listed below:
- Updated the Implementing SELinux as a Linux Security Module technical report.
- Updated the 2.5 kernel version to 2.5.19.
- Encapsulated the extended socket call processing and made it optional.
- Implemented connection peer SID lists for accept_secure.
- Added support for selecting enforcing mode at boot/insertion time.
- Enhanced the MLS support.
2 May 2002
An updated public release of the LSM-based SELinux prototype
was made. See selinux/ChangeLog for a detailed summary of
the changes. A few highlights are listed below:
- Added the Configuring the SELinux Policy technical report.
- Added the Implementing SELinux as a Linux Security Module technical report.
- Updated the 2.5 kernel version to 2.5.10.
- Implemented the internal processing for the extended socket calls.
- Merged many contributed domains and policy changes.
- Partitioned the file contexts configuration and relocated it under policy.
- Added a magic number and string identifier to the binary policy header.
- Relocated the binary policy's installation location.
- Fixed SMP problems in the security server, AVC, and hook functions.
- Merged the contributed devfsd module.
- Merged the contributed setfiles -s option.
- Changed checkpolicy to accept nested brackets and empty statements.
- Added support for reloading the policy from the real root filesystem after a pivot.
14 March 2002
An updated public release of the LSM-based SELinux prototype
was made. See selinux/ChangeLog for a detailed summary of
the changes. A few highlights are listed below:
- Updated the base kernel versions to 2.4.18 and 2.5.6.
- Updated the remaining base utility versions to the RH7.2 SRPMS
(contributed).
- Updated base version for openssh to openssh-3.1p1-2.
- Merged contributed support for a default user (user_u).
- Merged several contributed domains (snort, pppd, nscd, squid).
- Merged contributed labeled networking support.
- Started adapting SELinux for the labeled networking support.
- Added support for usbdevfs.
- Deprecated clone statements and role transition rules.
- Started partitioning the every.te rules.
- Partitioned the role declarations and domain transitions.
- Reorganized policy directory.
- Started cleaning up domains to provide better encapsulation.
- Encapsulated architecture-specific components of libsecure.
18 January 2002
The SELinux web site was updated in the following ways:
10 December 2001
The fifth public release of the LSM-based SELinux prototype
was made. This release is based on the lsm-full-2001_12_10 patch
against kernel 2.4.16. See selinux/ChangeLog for a detailed summary of
the changes. A few highlights are listed below:
- Merged the SELinux module into the LSM tree.
- Updated SELinux module to lsm-full-2001_12_10 against kernel 2.4.16.
- Updated openssh patch to openssh-2.9p2-12.
- Updated procps patch to procps-2.0.7-11.
- Updated sh-utils patch to sh-utils-2.0.11-5.
- Updated fileutils patch to fileutils-4.1-4.
- Updated swapon and swapoff hook functions.
- Added stat64 variants of stat_secure system calls.
- Added SELinux option help text to Configure.help.
- Added default Security option settings to defconfig.
- Changed to use -selinux rather than -lsm suffix.
- Revised AVC auditing.
- Added quick install.
- Fixed bug in selinux_inode_delete.
- More bug fixes for newrole.
19 November 2001
The fourth public release of the LSM-based SELinux prototype
was made. This release is based on the lsm-2001_11_05 patch
against kernel 2.4.14. See selinux/ChangeLog for a detailed summary of
the changes. A few highlights are listed below:
- Updated openssh patch to openssh-2.9p2.
- Updated util-linux patch to util-linux-2.11f.
- Updated vixie-cron patch to vixie-cron-3.0.1-63.
- Added logrotate patch for logrotate-3.5.9.
- More policy updates.
- Added ext3 as a recognized type for persistent labeling.
- Added missing getscheduler hook function.
- Added check_sb hook function.
- Separated checkpolicy code and build from module.
- Fixed a bug in load_policy.
- Bug fixes in newrole.
- Reimplemented execve_secure via general security system call.
- Moved development and MLS options back into kernel configuration.
- Significant code cleanup.
- Updated to 2.4.14 (with loop fix).
16 October 2001
The third public release of the LSM-based SELinux prototype
was made. This release contains several bug fixes and improvements
to both LSM and SELinux and is based on the lsm-2001_10_11 patch
against kernel 2.4.12. See selinux/ChangeLog for a detailed summary of
the changes. A few highlights are listed below:
- Added support for stacking the capabilities security module.
- Added domain for ssh client program.
- Added contributed named and gdm domains.
- Added more permissions to the example policy.
- Changed extended IPC calls to work when built as a separate module.
- Added run_init utility and domain for running init scripts in the correct context.
- Updated to 2.4.12 (with parport fix).
26 September 2001
The second public release of the LSM-based SELinux prototype
was made. This release contains many bug fixes and improvements
to both LSM and SELinux and is based on the lsm-2001_09_23 patch
against kernel 2.4.10. See selinux/ChangeLog for a detailed
summary of the changes. A few highlights are listed
below:
- Added hooks for controlling Unix domain socket IPC.
- Reworked message queue hooks to address pipelined IPC.
- Added hooks for several miscellaneous system operations.
- Added security class for PF_KEY sockets.
- Merged contributed IPSEC domain.
- Added configurable support for labeling devfs entries.
- Implemented msgsid, shmsid, and semsid calls.
- Changed to use safe memory allocation flags and semaphore
operations when in interrupt context.
- Fixed various synchronization problems.
- Added inline documentation for LSM security hooks.
- Added overview document for LSM.
- Updated to 2.4.10.
23 August 2001
- The new SELinux prototype that uses the Linux Security Modules (LSM)
kernel patch is now available for download. In this release, we are
using a kernel patch based on the lsm-2001_08_16 patch against kernel 2.4.9.
- Papers published about SELinux at Freenix and OLS are now available.
- A few minor bug fixes were applied to the original SELinux prototype.
12 April 2001
- Kernel patches are now provided for 2.4.3 and 2.2.19.
- Small updates were made to the example policy configuration.
16 March 2001
- Updated information on the developers'
mailing list and archives was made available.
- Answers to Frequently Asked Questions were
added to the site.
- Kernel patches are now provided for 2.4.2 and 2.2.18.
- The 2.4.2 patch includes changes to virtualize the persistent SID
mapping interfaces and the file mandatory access controls.
- The 2.2.18 patch includes several bug fixes to the old 2.2-based
patch. It also includes a new implementation of System V
IPC mandatory access controls. These controls have not yet been
ported to the 2.4 kernel.
- Both the 2.2.18 and 2.4.2 patches incorporate a change in the
implementation of the new system calls that is not backward compatible
with the old implementation. Hence, the updated libsecure must be
compiled and all modified utilities must be relinked against it.
- The util-linux patch is now provided for the util-linux-2.10s
sources from kernel.org.
- The procps patch is now provided for the procps-010114
sources from http://www.cs.uml.edu/~acahalan/procps.
- The vixie-cron patch is now provided for the vixie-cron-3.0.1-61
sources from Red Hat.
- A small fix was made to the spasswd wrapper program to ensure that
it is not mistakenly used by an administrator to try to change
another user's password. A README was added to explain the purpose
of this program.
- The shadow password file is no longer moved by the installation
scripts, and the modified versions of libpwdb, sulogin, and the shadow
utilities are no longer provided. The relocation of the shadow
password file was creating compatibility problems with a number of
applications despite the updated libpwdb. A different approach
for maintaining a separate security context on the shadow password file
will be implemented in the future.
- The modified versions of rshd and wu-ftpd were removed from the
distribution, and each of these daemons was limited to its
initial domain in the example policy configuration.
2 January 2001
Updated source code and patches were made available.
This release addressed the following:
- Moved the numbers of the new system calls to avoid conflicts.
- Fixed the buffer overflow discovered in the find_default_type function in libsecure.
- Removed an extra ';' in the policy grammar.
- Made minor adjustments in kernel/flask/Makefile.
The press release was added to the site.
22 December 2000 - First Public Release
The first public release was made available. The release is
based on kernel version 2.2.12 and Red Hat version 6.1 utilities.
This release contains mandatory access controls for the major kernel
subsystems and an example security policy configuration that
demonstrates how to use these controls to meet several security goals.
There is still significant work ahead to provide mandatory access
controls for all kernel services and to provide a complete general
purpose security policy configuration.
Linux is a registered trademark of Linus Torvalds
MITRE is a registered trademark of The MITRE Corporation
Red Hat is a registered trademark of Red Hat, Inc. in the US and other countries.