SELinux by Example: Using Security Enhanced Linux

In this chapter

  • 12.1 Goals of the Reference Policy

  • 12.2 Overview of Policy Source File Structure

  • 12.3 Design Principles

  • 12.4 Examining a Reference Policy Module

  • 12.5 Build Options for Reference Policy

  • 12.6 Summary

  • Exercises

page 266

page 268

page 271

page 281

page 287

page 291

page 292

The reference policy is a newer method for building SELinux policies with the goal of making the policy easier to understand, modify, maintain, and validate. These goals are largely achieved through greater application of modern software engineering principles, such as modularity and encapsulation. The reference policy also allows strict and targeted policy variants to be built from the same source tree and incorporates support for emerging SELinux technologies, such as loadable modules.

Related

Категории