Reference Policy Status

Current release: 20080702

To Do

The following is a list of tasks planned for the Reference Policy project.

Policy

• Experiment with using RBAC for role separation instead of derived types
  • In progress, rbacsep branch
  • Also experimenting with user based separations
• Merge SELinux-enhanced X server policy
  • Core support in revision 2655.
• Merge strict and targeted policies
  • In trunk as of revision 2437.
• Globbing for file contexts specification instead of regular expressions (experimental)
  • In progress, fcglob branch
• Add enableaudit functionality
  • Implemented via libsemanage

Policy Compiler

Blocked on new policy representation work

• Add interfaces
• Add tunables
• Make nested conditionals work
  • Works naturally from new policy representation