Tresys Technology | About Us

FOR IMMEDIATE RELEASE

CONTACT: info@tresys.com

Tresys Technology Announces the Release of the
Reference Policy, Version 20071214, for Security Enhanced Linux

Columbia, Maryland–December 17, 2007 – Tresys Technology, a leader in security technology innovation and services and a primary contributor to Security Enhanced Linux (SELinux), has released Version 20071214 of the SELinux Reference Policy – a modular, comprehensive, well-documented, and secure SELinux security policy. Reference Policy supports creating customized security policies and is the basis for industry SELinux security policy. It is present in many Linux COTS distributions, such as Red Hat Enterprise Linux.

Prior to this release, Reference Policy was divided into two configurations: targeted and strict. The targeted configuration confined access by specified targets (generally servers, such as apache) while leaving general access unconfined. At the other end of the security spectrum, the strict configuration provided least privilege security and confined all aspects of the system. Transitioning a system between the two configurations was difficult and often required completely replacing the policy. This release of Reference Policy replaces the targeted and strict configurations with a new flexible configuration that allows incremental tightening of the security policy. With the new configuration, converting from targeted to strict – or somewhere between the two – becomes easy..

Reference Policy is just one of several Tresys-developed open source technologies for SELinux. For more information on Reference Policy and other SELinux technologies, visit oss.tresys.com.

About Tresys Technology

Tresys Technology is a principal open source contributor to Security Enhanced Linux (SELinux), with an emphasis on making SELinux easier to use and manage. In addition to its extensive Secure Linux technology development, services, and training experience, Tresys provides many technology solutions that allow Linux users and administrators to easily leverage the power of SELinux. Tresys also provides business and government organizations with expert security engineering services, including security testing, evaluation and certification support, cryptographic solutions, and security technology innovation. For more information, visit www.tresys.com.