Developer Summit 2009/Abstracts/Carter Policy

From SELinux Wiki
Jump to: navigation, search


James Carter


Work on a Higher-Level Policy Language


While Refpolicy has resulted in a much better organization of policy and made policy development easier, it is still a very low-level language. As a first step towards developing a higher-level language, language constructs were created to allow SELinux types to be merged and cloned, and to add or remove policy statements. This talk will discuss those four constructs, give examples of their usage, and (hopefully) show how they are useful.