On 10/16/2013 03:47 PM, Dominick Grift wrote:
On Mon, 2013-07-29 at 13:36 -0400, James Carter wrote:
The CIL compiler, secilc, is now able to create MLS, MCS, and non-MLS binary
policies from a slightly modified version of Refpolicy that has been converted
to CIL.
Anyone interested in trying CIL out can do the following:
I cloned both the repositories in this mail as well as the one hosted by
tresys but no new commits in either
A couple of things stand out when i try this
both non-mls and mls policy have no constraints according to seinfo
An update will be coming soon that will fix that bug.
both non-mls and mls policy have no neverallow rules according to seinfo
They are evaluated by CIL.
the non-mls policy has a category "c0"
That might be a recent bug. I don't see it on some earlier policy binaries
generated by CIL.
I like what i am seeing a lot, unfortunately it is not really usable yet
because user land can't work with it yet, and i need it to create home
directory contexts
The userspace stuff is coming along.
looking forward to and update to this
Thanks for the comments.
--
James Carter <jwcart2@xxxxxxxxxxxxx>
National Security Agency
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with
the words "unsubscribe selinux" without quotes as the message.
