This releases uses the audit system as its source of system call traces instead of a modified version of strace.
This release incorporates two major changes to polgen. First, polgen now supports generation of reference policy and second polgen uses Polgen Specification Language (PSL) files to bootstrap analysis.
Polgen handles the modularity of reference policy by searching through .if files to find interfaces that will handle access requirements of the program under analysis. It will be necessary for administrators to install those .if files on their machine. Our documentation includes instructions for how to do this. There are several polgen user interface changes that we have made - all in support of generating reference policy. The menu-style interface asks users to fill in information about known capabilities of program entry points and about expectations for how the program module might be used by other to-be-written modules.... read more