NEWS

Revision 4878, 28.6 kB (checked in by cpebenito, 4 years ago)
trunk: final prep for release.

Line
1	SETools 3.3.6:
2
3	This release builds upon SETools 3.3.5:
4
5	* Update attribute handling to use attributes in version 24 policy.
6
7	* Fix bug where dontaudit rules were loaded when the "no rules" option is
8	enabled.
9
10	seaudit:
11
12	* Add MLS fields to source and target contexts.
13
14	* Double clicking a message line will display the orignal log message.
15
16	seinfo:
17
18	* Qdd query for permissive types.
19
20	* Add query for policy capabilities.
21
22	==================================================
23
24	SETools 3.3.5:
25
26	This release builds upon SETools 3.3.4:
27
28	* Update to policy loader to match checkpolicy 2.0.16 and libsepol
29	2.0.32.
30
31	* Changes to libqpol to allow compiling against libsepol >= 2.0.29.
32
33	* Support for reading policy version 23.
34
35	==================================================
36
37	SETools 3.3.4:
38
39	This release builds upon SETools 3.3.3:
40
41	* Update to policy loader to match checkpolicy 2.0.13 and libsepol
42	2.0.23.
43
44	* Fixes to apol for proper handling of Tk 8.5.
45
46	* Fixes to libapol, libqpol, and sechecker to build using GCC 4.3.
47
48	==================================================
49
50	SETools 3.3.3:
51
52	This release builds upon SETools 3.3.2:
53
54	* Changes to libqpol to allow compiling against libsepol >= 2.0.20.
55
56	* Support for reading policy version 22.
57
58	* Clarification to default policy loading for seinfo, sesearch, and
59	sechecker.
60
61	* Build scripts for Debian and Ubuntu.
62
63	==================================================
64
65	SETools 3.3.2:
66
67	This release corrects a number of issues present in SETools 3.3.1:
68
69	* Fix to libqpol for policies lacking genfscon statements; for
70	policies containing disabled aliases; for
71	qpol_type_get_alias_iter() given certain policies; for the special
72	role object_r.
73
74	* Fix to libapol when running a default avrule query on policies
75	that have not had their neverallow rules loaded.
76
77	* Fix to libsefs and apol for invalid regular expressions.
78
79	* Fix to apol when validating empty levels.
80
81	* Fix to all SWIG generated wrappers for Java.
82
83	==================================================
84
85	SETools 3.3.1:
86
87	This release corrects a number of issues present in SETools 3.3:
88
89	* Fix to configure when Tcl is not found on build system; fix when
90	compiling with --disable-gui option.
91
92	* Fix to uninstall targets of Java wrappers.
93
94	* Fix to libapol where transitive flows could return results that
95	were supposed to be excluded; fixed memory leaks in infoflow graph
96	generation.
97
98	* Fix to libsefs when running MLS query on non-MLS fclists.
99
100	* Fix to apol when reading older .apol files; fix copy and select
101	all on certain tabs; fix to filter by attribute on some advanced
102	dialogs.
103
104	==================================================
105
106	SETools 3.3:
107
108	SETools:
109
110	* SETools now has an external dependency upon libsqlite3 >= 3.2. The
111	supplied configure script will enforce this dependency.
112
113	* pkg-config scripts are installed with the SETools libraries.
114
115	libsefs:
116
117	* Rewrite of library to have proper namespaces and much more usable
118	object-oriented design.
119
120	* SWIG wrappers generated for this library if the appropriate
121	configure flags are set.
122
123	findcon, searchcon:
124
125	* Merge searchcon's functionality into findcon. The searchcon tool
126	has been removed from SETools.
127
128	indexcon, replcon:
129
130	* Updated to use new libsefs design.
131
132	apol:
133
134	* Updated to use new libsefs design.
135
136	* Modified to use the SWIG Tcl interface rather than a custom C
137	library. apol is now a combination of a Tcl script (simply called
138	'apol') and associated packages that are required at runtime.
139
140	* Neverallow rules are only loaded and expanded when the user
141	performs a search for them. This will dramatically speed up
142	initial policy load time.
143
144	awish:
145
146	* awish is no longer needed and thus has been removed from SETools.
147
148	sediff, sediffx:
149
150	* Instead of differentiating "AV rules" or "TE rules", user now
151	specifies which particular rule to compare (allow, dontaudit,
152	type_transition, etc.).
153
154	* Neverallow rules are only loaded and expanded when the user
155	performs a diff upon them. This will dramatically speed up
156	initial policy load time.
157
158	==================================================
159
160	SETools 3.2:
161
162	libapol, libqpol, libesaudit, libpoldiff:
163
164	* If --enable-swig-python is given during configure time, the build
165	system will create Python SWIG wrappers for these libraries.
166
167	* If --enable-swig-java is given during configure time, the build
168	system will create Java SWIG wrappers for these libraries.
169
170	libpoldiff:
171
172	* Provides ability to diff levels, categories, and range_transition
173	statements. Provides ability to diff modifications to a user's
174	default level and permitted MLS range, assuming the policies are MLS.
175
176	apol, seaudit, sediffx:
177
178	* Introduces 'policy list', a small text file that contains
179	references to a base policy and any number of modules. After
180	selecting the base policy and modules in a tool's open policy
181	dialog, click on 'Export' to write a policy list to disk. That
182	policy list then may be imported into the same tool or any other
183	graphical SETools application. This file also may be specified
184	on the command line for all tools that load a policy.
185
186	sesearch, apol:
187
188	* Provides full support for version 21 policy (i.e., object classes for
189	range_transition statements).
190
191	sediff:
192
193	* Shows MLS diffs.
194
195	sediffx:
196
197	* Shows MLS diffs.
198
199	* Provides option to show line numbers that contributed just to a
200	specific AV rule's permission by clicking that AV rule's permissions.
201	This is in addition to existing sediffx behavior that showed all lines
202	associated with a particular rule difference.
203
204	* Provides support for type joins and splits within the type remap dialog.
205
206	==================================================
207
208	SETools 3.1:
209
210	SETools:
211
212	* All tools that open a policy now support loadable policy modules.
213	Command line tools expect the first module to be a base module
214	followed optionally by any other modules. Graphical tools have
215	a new open policy dialog to select a base module and any number of
216	additional modules.
217
218	* Release of RPM packages that are compatible with Fedora Core 5 and
219	6. The spec and support files are in packages/rpm.
220
221	libapol:
222
223	* New class apol_policy_path_t to represent a base policy and any
224	number of modules. Use this whenever referring to the file or
225	files constituting a policy.
226
227	libqpol:
228
229	* Policy features such as attribute names or MLS can now be queried
230	individally via qpol_policy_has_capability() rather than inferred
231	by policy type and version.
232
233	* New class qpol_module_t to represent a particular policy module
234	prior to it being linked into a base policy (qpol_policy_t).
235
236	libseaudit:
237
238	* Rewrite of library to have proper namespaces. libseaudit is now
239	fully documented and suitable for third-party users.
240
241	seaudit:
242
243	* Rewrite to use new libseaudit.
244
245	* Numerous tweaks to the interface to be more user friendly.
246
247	seaudit-report:
248
249	* Rewrite to use new libseaudit.
250
251	sediffx:
252
253	* Numerous tweaks to the interface to be more user friendly.
254
255	==================================================
256
257	SETools 3.0.1
258
259	SETools:
260
261	* All code has been indented uniformly via the 'make indent' target.
262
263	SETools libraries:
264
265	* All libraries now have a get_version() function.
266
267	libqpol:
268
269	* Syntactic rule table is now off by default; it requires an
270	explicit call to qpol_policy_build_syn_rule_table() to create it.
271
272	libapol:
273
274	* apol_policy_t is now an opaque structure. apol_permmap_t is no
275	longer a public declaration.
276
277	* avrule and terule queries now have full "syntactic" searching
278	features.
279
280	apol & sesearch:
281
282	* If loaded policy is source, the new syntactic search algorithm is used.
283
284	==================================================
285
286	SETools 3.0
287
288	SETools:
289
290	* Moved entire project to autoconf build system. This will detect
291	dependencies correctly and make it easier to integrate with Linux
292	distributions and their packaging systems.
293
294	SETools libraries:
295
296	* Rewrite of back-end of SETools to use libsepol data structures.
297	Most things should run notably faster.
298
299	* All exported library functions have a standardized naming
300	convention and are fully documented. This will prove helpful for
301	third-party developers integrating SETools into their own
302	projects.
303
304	* For policies version 15 or greater, domain transition analysis now
305	takes into consideration setexec permission and/or type_transition
306	rules.
307
308	apol:
309
310	* Rework Tk interface to fit on 1024x768 displays.
311
312	* Indirect matching of attributes now works with rule searches.
313
314	sediff:
315
316	* New diffing algorithm yields significant speed improvements.
317
318	* Can now diff neverallow and role_transition statements.
319
320	* Streamlined results display - should be easier to read.
321
322	sechecker:
323
324	* Updated module format and template for ease of extension.
325
326
327	=======================================================
328	May 1, 2006, Version 2.4
329
330	apol:
331	File contexts tab now allows for MLS range searching if
332	the loaded database is from a MLS filesystem.
333	Policy statistics dialog now shows MLS and ocontexts
334	summaries.
335
336	libapol:
337	Added support for loading base policies containing optionals.
338	Added support for searching range transitions containing
339	attributes.
340
341	libseaudit:
342	Bugfix to support parsing FC5-style audit logs.
343
344	seaudit:
345	Added date filters.
346
347	secmds:
348	Added support to indexcon and searchcon for MLS filesytems.
349	Added support to findcon and replcon for MLS filesystems.
350
351	sechecker:
352	Added incomplete network access (inc_net_access) module.
353	Added unreachable domains (unreachable_doms) module.
354	Added impossible range transitions (imp_range_trans) module.
355
356	sesearch:
357	Allow user to search range transitions by attributes and
358	indirect matching.
359	Added RBAC searching.
360
361
362	=======================================================
363	January 23, 2006, Version 2.3
364
365	apol:
366	added new MLS components tab for sensitivities,
367	levels, and categories.
368	changed users tab to support ranges and default
369	levels.
370	added range transition tab for searching range
371	transition rules.
372	added new tab for network context components.
373	added new tab for file system context components.
374	libapol:
375	added binpol support for MLS, network contexts,
376	and file system contexts.
377	seinfo:
378	added command line options for MLS components.
379	added command line options for network contexts
380	and file system contexts.
381	sesearch:
382	added command line option for searching for rules
383	by conditional boolean name.
384	seaudit:
385	added new column in the log view for the 'comm'
386	field found in auditd log files.
387	added filters for the 'comm' field and 'message'
388	field.
389	manpages:
390	added manpages for all tools.
391
392	=======================================================
393	October 31, 2005, Version 2.2
394
395	libapol:
396	replaced the original dta algorithm with a new one
397	to properly support complements in rules. added
398	new structures to support the separation of diff
399	elements. added support for parsing additional
400	policy components in source policies.
401	sediff:
402	enhanced the GUI for display and separation of diff
403	elements. added the ability to rename types.
404	sechecker:
405	added a new tool - a commandline modular and
406	extensible policy checker program
407	seuser:
408	removed - deprecated
409	sepcut:
410	removed - deprecated
411
412	=======================================================
413	October 12, 2005 Version 2.1.3
414
415	libapol:
416	fixed a mls bug in the source parser.
417
418	=======================================================
419	August 24, 2005 Version 2.1.2
420
421	apol:
422	created new permission maps for policy versions
423	19 and 20. also some minor changes to support
424	version 20 binary format.
425	libseaudit:
426	updated the parser to properly parse avc
427	messages from auditd logfiles
428	libapol:
429	updated the binary policy parser to handle the
430	new version 20 avtab format. The parser
431	preserves attributes in av rules by generating
432	fake attribute names.
433
434	=======================================================
435	May 17, 2005, Version 2.1.1
436
437	libseaudit:
438	updated code to compile with gcc-4.0.0
439	minor bug fixes
440
441	sediff:
442	updated code to compile with gcc-4.0.0
443
444	seaudit:
445	updated code to compile with gcc-4.0.0
446
447	libsefs:
448	updated code to compile with gcc-4.0.0
449
450	libapol:
451	updated code to compile with gcc-4.0.0
452	minor bug fixes
453
454	seuser:
455	updated code to compile with gcc-4.0.0
456
457	======================================================
458	April 18, 2005, Version 2.1.0
459
460	apol:
461	improved direct relabel analysis algorithm
462
463	libapol:
464	added policy version 19 support
465
466	sediff:
467	added role transitions, improved role allow
468	added conditional expression differences
469
470	=======================================================
471	February 16, 2005, Version 2.0
472
473	setools:
474
475	libsefs:
476	Converted to use an on-disk SQLite database backend and
477	re-designed API to provide the functionality to other
478	applications, such as apol.
479	libapol:
480	Added support for analyzing direct file relabels.
481	Added support for analyzing relationship between two types.
482	Integrated use of hashtable structures for easily analyzing
483	differences between policies.
484	Minor bug fixes.
485
486	libseuser:
487	Minor bug fixes.
488
489	apol:
490	New analysis module for performing direct file relabel
491	analysis.
492	New analysis module for analyzing the relationship be-
493	tween two types.
494	New interface added for viewing file contexts from an
495	SELinux filesystem.
496	Improvements to domain transition analysis interface.
497	Minor bug fixes and GUI tweaks.
498
499	secmds:
500	Updated indexcon/searchcon to use an on-disk SQLite database
501	in order to decrease memory use. These changes are not
502	backwards-compatible.
503
504	seaudit:
505	Integrated reporting functionality into GUI.
506	Minor GUI tweaks.
507
508	sediff:
509	New gtk GUI and command-line tools for analyzing the semantic
510	differences between two policies. The semantic difference
511	of a policy is different from the syntactic difference in
512	that it shows the cumulative effect of rules rather than
513	doing a line-by-line comparison.
514	=======================================================
515	November 4, 2004, Version 1.5.1
516
517	apol:
518	Fixed compatibility with tcl 8.3.
519
520	libsefs:
521	Fixed compile problem on PPC.
522
523	secmds:
524	Fixed fatal error in replcon.
525
526	setools:
527	Reverted to static linking and fixed various small bugs.
528
529	========================================================
530	October 27, 2004, Version 1.5
531
532	apol:
533	Advanced options added to forward domain
534	transition analysis module for performing
535	more granular searching of transitions to
536	domains using specified classes, permissions
537	and target types.
538	Minor bug fixes and improvements.
539
540	libapol:
541	Fixed to handle new libapol user structs.
542	Enhanced forward domain transition analysis to
543	perform more granular searching using specified
544	classes, permissions and target types.
545	Minor bug fixes.
546
547	libseuser:
548	General clean up of the policy components.
549	Fixed handling of users to be consistent with rest.
550
551	seaudit:
552	New tool (seaudit-report) for generating customized
553	reports on SE Linux audit messages using saved
554	seaudit view files. This tool is highly configurable
555	and can effectively integrate with the LogWatch
556	application for automating SE Linux audit log reporting.
557	Added feature for exporting audit messages to a
558	file, as well as viewing all components of an audit
559	message within a text view.
560
561	libseaudit:
562	Updated library to store audit header information, such as
563	the system call timestamp and serial number.
564	Fixed parse errors for new logs.
565
566	secmds:
567	New tool (indexcon) for creating a snapshot of security
568	contexts for SE Linux filesystem entities.
569	New tool (searchcon) for searching the SE Linux filesystem
570	database that was created using indexcon.
571
572	=======================================================
573	July 7, 2004, Version 1.4.1
574
575	setools:
576	Added the install target install-dev to install the
577	setools headers and libraries for third party
578	developers (libapol, libseuser, libseaudit).
579
580	libapol:
581	Added support for parsing policy version 18 (source
582	and binary).
583	Added a permission map for version 18 policies.
584
585	libseaudit:
586	Fix timezone related bug that resulted in incorrect
587	dates displayed in seaudit.
588
589	=======================================================
590	June 2, 2004, Version 1.4
591
592	setools:
593	Made policy installation and file labeling a separate
594	makefile target to better support non-default policies
595	like the 'targeted' policy included in Fedora Core 2.
596	apol:
597	Added support for the user to change the name of
598	result tabs.
599	Added new Tool Options dialog for opening limited
600	portions of the selinux policy.
601	GUI changes to correctly support binary policies.
602	Enhanced display of conditional rules in TE rule
603	search results.
604	libapol:
605	Added support for loading binary policy files (in
606	addition to source policy files).
607	Added utility functions for finding default policies
608	- both source and binary.
609	Various cleanups and bug fixes to source policy parsing.
610	secmds:
611	Added conditional policy support to seinfo.
612	Changed to use libapol default policy logic.
613	seaudit:
614	Changed to use libapol default policy logic.
615	Gui changes to correctly support binary policies.
616	libseuser:
617	Changed to use libapol default policy logic.
618
619	=======================================================
620	May 5, 2004 Version 1.3.1
621
622	apol:
623	Fixed to properly exclude object classes and/or
624	permissions in information flow analysis.
625	libapol:
626	Fixed to properly exclude object classes and/or
627	permissions in information flow analysis.
628	seuser:
629	Changed default policy.conf location in seuser.conf
630	to /etc/security/selinux/src/policy/policy.conf
631	Minor bug fixes.
632	sepcut:
633	Minor bug fixes.
634	libseuser:
635	Minor fixes to parsing of the seuser.conf file.
636
637	=======================================================
638	April 15, 2004 Version 1.3
639
640	apol:
641	Added conditional policy support.
642	Added permission weighting for information flows.
643	libapol:
644	Added full support for conditional policies.
645	Included support for policy version 17
646	Various fixes and updates
647	seaudit:
648	Added support for audit messages from changing
649	booleans in a conditional policy.
650	Added multiple filters/views.
651	libseaudit:
652	Updated to support new audit framework in the 2.6.5
653	kernel.
654	seuser:
655	Added home directory labeling command as command
656	line option.
657	libseuser:
658	Updated to support home directory labeling.
659	secmds:
660	Added new context swap tool (replcon).
661	Added new context search tool (findcon).
662
663
664	========================================================
665	February 6, 2004 Version 1.2.1
666
667	Libapol:
668	Fixed parse error when using attributes in role
669	declarations.
670
671	========================================================
672	February 4, 2004 Version 1.2
673
674	Apol:
675	Added saving and loading queries from the TE rules tab.
676	Added a tab for referencing initial SIDs in the policy.
677	Fixed some memory usage problems in information flow.
678	Combined Forward and Reverse domain transitions into one
679	analysis module.
680
681	Seuser:
682	Some minor changes to command line parsing for better use on
683	non selinux machines.
684
685	Seaudit:
686	Added real-time log monitoring capability.
687	Added support for hostname recognition in logs.
688	Added ability to select from values that appear in the
689	policy or the log, for filtering. An open policy is no
690	longer needed to filter a log.
691
692
693	Libapol:
694	Added support for new policy language features ('-' in
695	lists of types and typealias).
696	Enabled conditional policy (v16) support by default.
697	Added support for parsing and storing initial SIDs.
698
699	========================================================
700	December 30, 2003 Version 1.1.1
701
702	libapol:
703	fixed memory leakage on information flow analysis
704
705	seaudit:
706	fixed to properly compile with ISO C90 standards.
707
708	libseaudit:
709	fixed to properly compile with ISO C90 standards.
710
711	seuser:
712	fixed build process to properly build with no GUI.
713	fixed help for 'seuser -X'
714	removed default_context and cron_context in seuser.conf
715
716	secmds:
717	fixed seinfo to display version information
718
719
720	========================================================
721	December 18, 2003 Version 1.1
722
723	Apol:
724	Significantly improved transitive information flow analysis
725	by allowing for greater control over the types,
726	object classes, and permissions to use in an analysis;
727	as well as the ability to search for multiple paths
728	bounded by number of founds paths and time.
729	Additional work to complete a fully functional
730	transitive flow analysis is planned.
731	Updated to work with restructured libraries
732	Added support for saving and loading analysis queries
733	Additional work to make the fonts and window sizes work better
734
735	Seuser:
736	Updated to work with restructured libraries.
737	Created separate seuser (no X) and seuserx (X) commands
738
739	Secmds: NEW
740	Added new command line tools:
741	seinfo: displays information--including expanded
742	information--about the components of a
743	policy (classes, types, attributes, users,
744	roles), as well as policy stats
745	sesearch: searches and displays type enforcement
746	rules based on criteria such as source
747	and target type, object class, permissions,
748	and rule type
749
750	seaudit: NEW
751	Added a new GUI-based audit log analysis tool. The tool allows
752	one to view and search SE Linux messages from a log file
753	and to analyze the policy for rules that relate to
754	a given audit message. This is a first generation tool,
755	and real-time monitoring of the audit messages is planned.
756
757	libseaudit: NEW
758	Includes library to parse and store SE Linux audit messages.
759
760	Libapol:
761	Added latent support to parse future conditional policy syntax
762	Restructured library to separate core functions from
763	TCL/TK/X support functions (to allow non-X commands).
764	There are now libapol and libapol-tcl libraries.
765	Removed "dead" code and various bug fixes and clean up
766	Improved transitive information flow analysis.
767
768	Libseuser:
769	Restructured library to separate core functions from TCL/TK/X
770	support functions (to allow non-X commands). There are
771	now libseuser and libseuser-tcl libraries.
772
773
774	========================================================
775	October 30, 2003 SE Linux Tools, version 1.0.1
776
777	Apol:
778	Update to default font configuration
779
780	Sepcut:
781	Update to default font configuration
782
783	Seuser:
784	Updated seuser .te file
785	Update seuser Makefile to use -Z option when installing seuser
786	Update to default font configuration
787
788	Libapol:
789	Minor fix to support Tcl 8.4 interface
790
791	========================================================
792	September 22, 2003 SE Linux Tools, version 1.0
793
794	Added BWidgets source under packages.
795	Added support for rpm packages.
796
797	Apol:
798	Added reverse domain transition analysis.
799	Added direct information flow analysis.
800	Added an experimental transitive information flow
801	analysis.
802	Added permap loading/editing/saving support (required by
803	information flow analyses).
804	Fixed various bugs.
805
806	Sepcut:
807	Added 'Relabel Files' button in the test policy tab.
808	Fixed various bugs.
809
810	Seuser:
811	Fixed forward and backward compatibility in the use of system
812	user administration utilities (i.e., old versions of
813	SELinux use suseradd, new versions use useradd).
814	Changed shell scripts to fix compatibility.
815
816	Libapol:
817	Fixed type alias support.
818	Added support for policy version 15.
819	Added direct information flow analysis capabilities.
820	Added partial transitive information flow analysis
821	capabilities.
822	Added reverse domain transition analysis capabilities.
823	Added permap support.
824	Fixed various bugs.
825
826
827
828	========================================================
829	June 9, 2003 SE Linux Tools, Release 20030609
830
831	Apol:
832	Simplified the user interface by consolidating tabs.
833	Various bug fixes and clean up
834
835	Sepcut:
836	Added feature to track recently opened policy dirs
837	Added feature to allow one to save policy module configurations
838	so that one policy directory may be use for multiple
839	configurations.
840	Added feature to allow individual user ability to control
841	tool global settings
842	Enhanced tools ability to stay in sync with on disk view
843	Various minor fixes and code clean up
844
845	Seuser:
846	Various bug fixes and general clean up
847
848	Libapol:
849	Fixed various bugs.
850
851
852	========================================================
853	April 10, 2003 SE Linux Tools, Version 0.8
854
855	Apol:
856	Added Analysis tab for new domain transition analysis capability.
857	Changed compile process to install just a single, compressed .tcl file
858	Fixed problems with fonts.
859
860	Sepcut:
861	Added support for older policy directories (customize
862	tab will disable if domains/program doesn't exist)
863	Minor fixes
864
865	Seuser:
866	Significantly changed command line options. Added rename, show, and load
867	commands. Added -X, -f, and -R flags. Made loading policy the
868	default and replaced -L with -N flag. Removed -g and -r flags.
869	Added seuseradd, seuserdel, and seusermod scripts as shell wrappers for
870	the s* equivalent wrappers that also call seuser as necessary
871	to provide single command-line interface to manage users
872	Completely replaced the graphical user interface (GUI) that supports
873	a single interface to manage both system and selinux
874	user issues
875	Removed support for old-style default context management.
876
877	Libapol:
878	Added extensions to support new domain transition analysis
879	Fix various problems with handling '*' in TE rules
880	Remove the OBJ_CLASSES_PERMS compile flag and the associated
881	old dead code.
882	Added command to get types for a given attribute as a list
883	Began restructuring the rule rendering code.
884	Fixed some memory leaks
885	Various bug fixes, clean up, and restructuring
886
887	Libseuser:
888	Added commands to get system groups
889	Modified command that returns system users to also identify
890	user type.
891	Added several new command support wrap functions to support new command
892	line interface.
893	Various bug fixes.
894
895
896
897	========================================================
898	February 27, 2003 SE Linux Tools, Version 0.7
899
900	Enhanced SepCut:
901	Added text search feature
902	Added ability to include a policy directory path on command line
903	Added ability to view all unsaved, modified files in various
904	dialogs
905	Fixed various bugs
906
907	Apol updates:
908	Added a policy.conf tab with search ability
909	Added hyperlinks between TE rules and policy conf allowing one to
910	look up where in policy.conf where a given rule came from
911	Added basic ability to recognize roles declared via dominance statement
912	(semantics of statement still to be done)
913	Fixed various bugs
914
915	Libapol:
916	Updated to support apol hyperlinking.
917	Minor bugs
918
919	Seuser:
920	Updated seuser .te file to fix policy dependencies
921
922
923	========================================================
924	January 09, 2002 SE Linux Tools, Version 0.6.1
925
926	Updated install process to allow setools to be installed during
927	initial selinux system install
928
929	Fixed various problems with seuser's policy .te and .fc files
930	(Wayne Salamon, wsalamon@tislabs.com)
931
932	Fixed way sepcut handle temporary files to accommodate policy
933	fixes
934
935
936
937	=========================================================
938
939	December 18, 2002 SE Linux Tools, Version 0.6
940
941
942	Created SePCuT: SE Linux Policy Customization Tool
943	a first generation GUI policy customization/editing/testing tool
944
945
946	Update libapol:
947	Added regular expression searches to types/attribs, TE rules, objects
948	Cleaned up the policy version hints support
949	Tested with MLS enabled and added a compile option
950
951
952	Updated apol:
953	Changes to accommodate regex searches
954	Made displays read only
955	Various minor GUI improvements and bug fixes
956
957	Updated libseuser:
958	Added checks and support for new login context style (support both
959	old and new style)
960	Added buffer overflow checks
961
962	Updates seuser:
963	Supports old and new login context styles
964	Better error checking for command line interface
965
966
967
968	===============================================================
969
970	September 21, 2002 SE Linux Tools, Version 0.5
971
972
973	Updated libapol:
974	Added object classes and permissions to lib
975	Added avl-tree based sorting (~40% improvement in load time)
976	various minor bugs
977
978	Updated apol:
979	Added object classes and permissions tab
980	Added object classes and permissions as TE rule search options
981	Added multiple results tabs for type enforcement rule searches
982	Added a recent files menu to the File menu
983	Various minor fixes
984
985	Updated libseuser:
986	Added non-TCL/TK wrappers for C programs (to support command line seuser)
987
988	Updated seuser:
989	Added command line version and options
990
991	Misc:
992	General clean up
993	Improved string buffer overflow validation
994
995	=================================================================
996
997
998	August 1, 2002 SELinux Tools, Version 0.4.2
999
1000	Updated libapol:
1001	Updated policy parsing to work with July 2002 policy syntax changes
1002	Added backward compatibility with older policies
1003	Added policy version checking
1004	Replaced notify with dontaudit
1005	Added new generalized filesystem syntax
1006	Added latent structures for object classes and permissions
1007
1008	Updated apol:
1009	Updated GUI to reflect libapol changes
1010	Added dontaudit rule selector
1011	Made several font fixes
1012	Added policy version indicators
1013	Various minor GUI fixes
1014
1015	Updated seuser:
1016	Added a policy for seuser tool itself
1017	Various GUI updates and bug fixes
1018	Compatibility updates

Note: See TracBrowser for help on using the browser.

Download in other formats:

Original Format

* Generating other formats may take time.