Chapter 12. Reference Policy

In this chapter

• 12.1 Goals of the Reference Policy

• 12.2 Overview of Policy Source File Structure

• 12.3 Design Principles

• 12.4 Examining a Reference Policy Module

• 12.5 Build Options for Reference Policy

• 12.6 Summary

• Exercises

The reference policy is a newer method for building SELinux policies with the goal of making the policy easier to understand, modify, maintain, and validate. These goals are largely achieved through greater application of modern software engineering principles, such as modularity and encapsulation. The reference policy also allows strict and targeted policy variants to be built from the same source tree and incorporates support for emerging SELinux technologies, such as loadable modules. ...

Get SELinux by Example: Using Security Enhanced Linux now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.