NOTE: The event will be held in Central Daylight Time (CDT), UTC -5.

View More Details for Open Source Summit + Embedded Linux Conference North America 2020
Registration Information.
Back To Schedule
Thursday, July 2 • 12:00pm - 12:30pm
SELint - An SELinux Policy Static Analysis Tool - Daniel Burgener, Microsoft

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
Writing SELinux policy can be challenging for many users, leading some to either disable SELinux entirely, or use policies that do not adequately support their security goals. While SELinux is a helpful tool for creating customizable security policies, its value as a security mechanism is only as strong as the policy that it enforces.

This talk demonstrates a new tool, called SELint, which can assist in writing scalable and maintainable policies by alerting about common policy issues. The use of this tool can help speed up SELinux policy development and result in more secure policies.

The talk discuss motivation, examples of problems found by the tool, maintenance and security benefits, and the broader question of what steps the security community can take to help users use available security mechanisms correctly.


Daniel Burgener

Senior Software Engineer, Microsoft
Daniel has been working with SELinux for the past 10 years, the past 2 at Microsoft. He maintains SELint, a linter for refpolicy style SELinux policy, as well as Cascade, an early proof of concept for a new high level SELinux policy language. He spoke on SELint at LSS 2020.

Thursday July 2, 2020 12:00pm - 12:30pm CDT
Linux Security Summit Theater
  Linux Security Summit