[refpolicy] Refpolicy interface annotation guidelines

[refpolicy] Refpolicy interface annotation guidelines

[Christian Göttsche]

What are the guidelines whether and how to use (setools?) interface
annotations, like infoflow[1] or rolecap[2]?


[1]: https://github.com/TresysTechnology/refpolicy/blob/master/policy/modules/system/application.if#L108
[2]: https://github.com/TresysTechnology/refpolicy-contrib/blob/master/vnstatd.if#L170

[refpolicy] Refpolicy interface annotation guidelines

[Chris PeBenito]

On 05/05/2017 09:39 AM, Christian G?ttsche via refpolicy wrote:
> What are the guidelines whether and how to use (setools?) interface
> annotations, like infoflow[1] or rolecap[2]?

For a long time, these tags have been intended for tools to leverage.  I 
think the old SLIDE tool was the only one that attempted to use it. 
SETools doesn't use it since it doesn't look at policy sources and has 
no knowledge of refpolicy interfaces.  I'm not explicitly looking for 
them, so it may be time to give up on the idea.


> [1]: https://github.com/TresysTechnology/refpolicy/blob/master/policy/modules/system/application.if#L108
> [2]: https://github.com/TresysTechnology/refpolicy-contrib/blob/master/vnstatd.if#L170



-- 
Chris PeBenito