system environment/libraries

libsepol - SELinux binary policy manipulation library

License: LGPLv2+
Vendor: CentOS
Security-enhanced Linux is a feature of the Linux® kernel and a number
of utilities with enhanced security functionality designed to add
mandatory access controls to Linux.  The Security-enhanced Linux
kernel contains new architectural components originally developed to
improve the security of the Flask operating system. These
architectural components provide general support for the enforcement
of many kinds of mandatory access control policies, including those
based on the concepts of Type Enforcement®, Role-based Access
Control, and Multi-level Security.

libsepol provides an API for the manipulation of SELinux binary policies.
It is used by checkpolicy (the policy compiler) and similar tools, as well
as by programs like load_policy that need to perform specific transformations
on binary policies such as customizing policy boolean settings.


libsepol-2.5-8.1.el7.x86_64 [296 KiB] Changelog by Vit Mojzis (2017-10-12):
- Define nnp_nosuid_transition policy capability (rhbz#1480519)
- use IN6ADDR_ANY_INIT to initialize IPv6 addresses
- Allow runtime labeling of ibendports (rhbz#1464489)
- Allow runtime labeling of Infiniband Pkeys (rhbz#1464489)
- Add IB end port handling to CIL (rhbz#1464489)
- Add ibendport ocontext handling (rhbz#1464489)
- Add support for ibendportcon labels (rhbz#1464489)
- Add Infiniband Pkey handling to CIL (rhbz#1464489)
- Add ibpkey ocontext handling (rhbz#1464489)
- Add support for ibpkeycon labels (rhbz#1464489)
- Remove unused attribute on a used argument from avrule_read() (rhbz#1464489)
- Add binary module support for xperms
- Add support for converting extended permissions to CIL

Listing created by Repoview-0.6.6-4.el7