Last year, we talked a bit about CIL and showed some of our thinking of what it could be. Since that time, CIL has evolved significantly. Today, I want to start some discussions around what we've come up with. What is CIL? Essentially, it's an intermediate policy language that provides features to high-level languages to allow them to do what they need to do and work together with each other. It's text-only (no more binary modules) and uses S-expressions to make machine parsing easy (though it's definitely human readable as well). I won't get into all of its goals and features here, but I encourage you to read about them on the CIL design wiki. Where are we in the process? Well, we've been continuing to flesh out the language design for some time, and we're still doing that. You can see this at the CIL design wiki on the SELinux userspace page: http://userspace.selinuxproject.org/trac/wiki/CilDesign . This will continue to grow and evolve as we make progress and get feedback from all of you. We also have the beginnings of a compiler for this language, and you can check it out from the git repo listed at the bottom of the design page. The goal is to eventually merge this into libsepol, though it's a stand-alone project that statically links against libsepol for now. Over the next few weeks, I'm going to explain a few of the key features of CIL here on list in order to get some feedback on them. I look forward to your responses. Thanks, Chad Sellers -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
