What are the guidelines whether and how to use (setools?) interface
annotations, like infoflow[1] or rolecap[2]?
[1]: https://github.com/TresysTechnology/refpolicy/blob/master/policy/modules/system/application.if#L108
[2]: https://github.com/TresysTechnology/refpolicy-contrib/blob/master/vnstatd.if#L170
On 05/05/2017 09:39 AM, Christian G?ttsche via refpolicy wrote:
> What are the guidelines whether and how to use (setools?) interface
> annotations, like infoflow[1] or rolecap[2]?
For a long time, these tags have been intended for tools to leverage. I
think the old SLIDE tool was the only one that attempted to use it.
SETools doesn't use it since it doesn't look at policy sources and has
no knowledge of refpolicy interfaces. I'm not explicitly looking for
them, so it may be time to give up on the idea.
> [1]: https://github.com/TresysTechnology/refpolicy/blob/master/policy/modules/system/application.if#L108
> [2]: https://github.com/TresysTechnology/refpolicy-contrib/blob/master/vnstatd.if#L170
--
Chris PeBenito