Version 2004051217 of NSA Security-enhanced Linux

Release Notes: The current prototype and the experimental NFS code are now based on Linux kernel 2.6.6. Several races and kernel socket creation problems were fixed and a runtime disable was added. The old 2.4-based kernel patch was ported to 2.4.26. The userland patches were updated from Fedora Core 2 development. There are now man pages for libselinux. X server security classes and access vector definitions were added and many policy updates were made.

Other releases

Release Notes: This release is based on Linux 2.6.11. The SELinux kernel patch for 2.6.11 includes enhanced MLS support, changes to the execute-related permission checking for legacy binaries, and an extension to the /proc/pid/attr API to allow use by scripts. Enhanced MLS support has been merged into the userspace libraries and tools. The libraries and tools have been modified to allow local customization of file contexts and users without requiring policy sources, and to preserve certain types that are marked as being customizable upon relabels.

Release Notes: This release is based on Linux 2.6.10, but the current SELinux patch for the kernel includes a number of changes merged after 2.6.10 was released, including the AVC scalability work, AVC API and statistics support, dynamic context transition support, and enhanced controls over executable mappings. The checkpolicy policy compiler has been updated to order node context entries and to support supplementary type attribute declarations. Several improvements to libselinux, policycoreutils, and policy have been merged. Updated versions of setools, slat, and polgen were added.

Release Notes: This release is based on Linux 2.6.9, and includes significant scalability enhancements to the core SELinux code. Numerous improvements to libselinux, policycoreutils, and policy have also been merged. An updated version of setools from Tresys has been merged. Updated userland patches and SRPMS have been merged from the Fedora Core 3 development tree. This release includes the first public release of a new tool by MITRE, polgen, which attempts to generate policy for an application based on patterns in its behavior.

Release Notes: The current prototype and the experimental NFS code are now based on Linux kernel 2.6.7. Fine-grained netlink classes and permissions have been added. Many enhancements and bugfixes for policy as well as userland tools including slat and setools have been incorporated.

Release Notes: The current prototype and the experimental NFS code are now based on Linux kernel 2.6.6. Several races and kernel socket creation problems were fixed and a runtime disable was added. The old 2.4-based kernel patch was ported to 2.4.26. The userland patches were updated from Fedora Core 2 development. There are now man pages for libselinux. X server security classes and access vector definitions were added and many policy updates were made.

Screenshot

Project Spotlight

Catharsis.NET.Domain

A .NET library that provides domain business entities.

Screenshot

Project Spotlight

Assassin of the Underdark

An RPG graphical nethack game.