SENG

SENG is an experimental policy language for SELinux. Its goal is to augment the policy language with native support for high-level abstractions to eliminate the need for m4 macros.

Other efforts to develop new policy languages either focus on writing policies for individual applications or only provide a limited subset of SELinux features. SENG is unique in that it intends to be suitable for writing the entire policy, for both the base system and individual modules.

This web page will contain links to various SENG-related resources as they are made available. There is an RSS feed which will provide notifications as this page is updated.

Resources

Compiler and Examples

Source code for the proof-of-concept SENG compiler and examples of policy fragments written in SENG are stored in a Bazaar-NG (a.k.a. bzr) repository located at http://web.ics.purdue.edu/~kuliniew/seng/repo/.

You can download a bzr client from the above link, as well as find tutorials and other documentation on the bzr distributed revision control system. But to get started, here's what you need to check out from the repository:

            $ bzr get http://web.ics.purdue.edu/~kuliniew/seng/repo/
        

To download the latest updates, go to the directory where you checked out the code to and run:

            $ bzr pull
        

To build the SENG compiler, you will need a Java 1.5 environment as well as Ant and JavaCC.

SELinux Symposium 2006 Materials

Paper providing an overview of SENG (PDF, 5 pages)

Presentation slides (web-based)

Contact

Paul Kuliniewicz <kuliniew@purdue.edu>