| 1 |
Hello again, Gentoo SoC community! |
| 2 |
|
| 3 |
==========================Final Progress========================== |
| 4 |
Throughout the Summer I have spent time completing the program called |
| 5 |
the SELinux Policy Originator, or SEOrigin for short. |
| 6 |
|
| 7 |
As stated in the initial proposal SEOrigin is comprised of three components: |
| 8 |
|
| 9 |
*The capture plugin |
| 10 |
*The workflow component |
| 11 |
*The query interface |
| 12 |
|
| 13 |
To make this as short, sweet and simple as possible... |
| 14 |
|
| 15 |
The capture plugin takes the raw m4 macro expansions of selinux |
| 16 |
policies during compilation of a policy, it parses them into record |
| 17 |
like information for the definition of a record and the source record |
| 18 |
of a call in a particular line in the .te file of a selinux policy. |
| 19 |
Once all of this is parsed, it is written to a plain text file that is |
| 20 |
then passed to the workflow component. |
| 21 |
|
| 22 |
The workflow component takes in the parsed records and dissects it for |
| 23 |
necessary information to populate the database that is created upon |
| 24 |
running the workflow script. |
| 25 |
|
| 26 |
The query interface is the interface script that the user will be |
| 27 |
using at the end of all of this. A user will search for a particular |
| 28 |
statement and the query interface will find the origin of that |
| 29 |
statement and it will also see if that statement leads to a call in a |
| 30 |
source record. |
| 31 |
|
| 32 |
Back to the actually progress being made though: |
| 33 |
|
| 34 |
I have successfully created properly functioning scripts for the |
| 35 |
capture plugin, and the workflow component. |
| 36 |
|
| 37 |
I am a little disappointed in myself but I was unable to complete the |
| 38 |
query interface in time. It still needs work before it is of any use |
| 39 |
to anyone. |
| 40 |
|
| 41 |
========================= Plans for the future ======================= |
| 42 |
|
| 43 |
Although I am not finished with the query interface it is obvious that |
| 44 |
I won't just leave it as it is, I plan to continue working on this |
| 45 |
entire project after the summer and supporting the project while I |
| 46 |
live and breathe! I do believe I have learned quite a bit in what |
| 47 |
seems like the small amount of time given to me throughout this |
| 48 |
summer. |
| 49 |
|
| 50 |
With regards, |
| 51 |
Devan Franchini (twitch153) |
Archives