DSSP2

Defensec SELinux Security Policy 2 (DSSP2) currently implements two policy models: Minimal and Standard. The aim of the Minimal DSSP2 policy model is to provide a small base policy that can be used to experiment with and to build on top of in order to address custom Mandatory Access Control (MAC) challenges. DSSP2 Minimal leverages Common Intermediate Language (CIL), provides basic partitioning of Linux entities and encourages the use of existing templates, macros, class permisssions and maps. The Standard DSSP2 policy model is built on top of DSSP2 Minimal. Its aim is to enforce integrity plus separation based on roles and optionally compartments.