National Security Agency: Third Public Release SELinux

16 October 2001

The third public release of the LSM-based SELinux prototype was made. This release contains several bug fixes and improvements to both LSM and SELinux and is based on the lsm-2001_10_11 patch against kernel 2.4.12. See selinux/ChangeLog for a detailed summary of the changes. A few highlights are listed below:

• Added support for stacking the capabilities security module.
• Added domain for ssh client program.
• Added contributed named and gdm domains.
• Added more permissions to the example policy.
• Changed extended IPC calls to work when built as a separate module.
• Added run_init utility and domain for running init scripts in the correct context.
• Updated to 2.4.12 (with parport fix).

Complete Story

Related Stories:

• LinuxSecurity.com: New release of the LSM-based SELinux prototype (Sep 28, 2001)
• UnderLinux: Interview Elias Levy (BugTraq's Aleph1)(Sep 13, 2001)
• Linux Weekly News for August 30, 2001(Aug 30, 2001)
• Crispin Cowan: Linux Security Module Interface(Apr 12, 2001)
• NSA Grants $1.2 Million Contract to Continue Work on Its Security Enhanced Linux(Apr 09, 2001)
• Security Portal: ImmunixOS 7 - Secure Linux(Mar 14, 2001)
• Slashdot: Robert Watson on FreeBSD and TrustedBSD(Jan 18, 2001)
• Security-enhanced Linux available at NSA site(Dec 22, 2000)
• Slashdot: NSA Releases High Security Version Of Linux (Dec 22, 2000)