In the modern computing world, a secure system is best implemented with mandatory access control (MAC) mechanisms. One aspect of secure system design is the careful definition of information flows between processes - inter-process communications (IPC). System designers, when weighing the security risks and functionality of different types of IPC, have had to rely on intuition and experience because of the lack of documentation regarding the security properties of the IPC mechanisms. The SIPC project's goal is to address this problem with an in-depth look at IPC mechanisms and creation of a library that can be used to meet this security goal. The SIPC library uses the best combination of traditional Linux IPC mechanisms to ensure a one way information flow that can then be locked down with Security Enhanced Linux (SELinux) policy. SELinux provides the MAC mechanisms used to support and ensure secure communication between processes, as is shown with the SIPC library.
libsipc 2.0 is released and available at libsipc-2.0.tar.gz