Refpolicy Alternatives

Similar projects and alternatives to refpolicy

systemd

510 12,432 10.0 C refpolicy VS systemd

The systemd System and Service Manager
opensnitch

213 9,652 9.2 Python refpolicy VS opensnitch

OpenSnitch is a GNU/Linux interactive application firewall inspired by Little Snitch.
WorkOS

workos.com sponsored

The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
firejail

139 5,429 9.7 C refpolicy VS firejail

Linux namespaces and seccomp-bpf sandbox
wayland-keylogger

30 151 0.0 C refpolicy VS wayland-keylogger

Proof-of-concept Wayland keylogger
sysbox

22 2,517 8.6 Shell refpolicy VS sysbox

An open-source, next-generation "runc" that empowers rootless containers to run workloads such as Systemd, Docker, Kubernetes, just like VMs.
tiny-snitch

9 63 3.1 Go refpolicy VS tiny-snitch

an interactive firewall for inbound and outbound connections
dind

3 2,307 0.0 Shell refpolicy VS dind

Discontinued Docker in Docker
InfluxDB

www.influxdata.com sponsored

Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
selinux-policy-arch

1 32 0.0 Python refpolicy VS selinux-policy-arch

SELinux policy with Arch Linux specific changes. Based on the refrence policy
discovery-engine

2 28 7.6 Go refpolicy VS discovery-engine

Discover least permissive security posture, Network Microsegmentation, and Application behaviour based on visibility/observability data emitted from policy engines..
cascade

1 54 7.4 Rust refpolicy VS cascade

A high level language for SELinux policy (by dburgener)
libdropprivs

1 1 0.0 C refpolicy VS libdropprivs

Example code (will be library) for dropping privileges

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a better refpolicy alternative or higher similarity.

Suggest an alternative to refpolicy

refpolicy reviews and mentions

Posts with mentions or reviews of refpolicy. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2022-04-26.

SELinux policies for Alpine Linux
1 project | /r/linuxadmin | 25 Oct 2023

Distributions often start with the SELinux reference policy rather than starting from scratch.
SELinux is unmanageable; just turn it off if it gets in your way
8 projects | news.ycombinator.com | 26 Apr 2022

really? I don't mean understand how to apply a new label. I mean understand what the policies are and how they work, be able to create new ones that apply to you, and verify that the ones given to you by the distro are correct for your use. You're saying this is not hard to understand: https://github.com/SELinuxProject/refpolicy/blob/master/poli... ?
Otherwise you are blindly applying some black box.
Which SELinux policy should you use?
2 projects | /r/archlinux | 10 Feb 2022

selinux-refpolicy-src pulls from the original SELinux Project refpolicy repo and just install-src these, which just places all policies into appropriate directory and does nothing futher, i. e. doesn't compile them to make usable
Need help writing rules, please
1 project | /r/selinux | 17 May 2021

https://github.com/SELinuxProject/refpolicy/blob/4412ad507c5880d9ff52fd376c23183cc9ae10b7/policy/support/misc_patterns.spt#L55
Wayland Keylogger (2021)
4 projects | news.ycombinator.com | 30 Jan 2021

Of those distributions, only Fedora sets SELinux to enforcing by default. Moreover, AFAIK Fedora (+ RHEL and Android) are the only distributions that had wide testing of the reference policy [1] [2]. So, if you enable SELinux with the reference policy on the other distributions that you mention, it is likely that you will run into all kinds of issues.
[1] https://github.com/SELinuxProject/refpolicy
[2] https://github.com/fedora-selinux/selinux-policy
Switching from CentOS/RHEL to openSUSE as main enterprise OS, experiencies and general tips?
1 project | /r/openSUSE | 2 Jan 2021

No default or reference policy is provided in openSUSE Leap. SELinux will not operate without a policy, so you must build and install one. The SELinux Reference Policy Project (https://github.com/SELinuxProject/refpolicy/wiki) should be helpful in providing examples and detailed information on creating your own policies, and this chapter also provides guidance on managing your SELinux policy.
Is this legit? SELinux is preventing login from getattr access on the filesystem /dev/shm.
1 project | /r/selinux | 21 Dec 2020

Interesting. I don't have a red hat based system handy at the moment to compare since I'm on holiday. Maybe that's just how they set up shm? If you compare to Reference Policy, it appears that the getattr permission you asked about is granted there: https://github.com/SELinuxProject/refpolicy/blob/8a1bc98a31a9f2396f3c1389f43ffb10df31157f/policy/modules/system/systemd.te#L600
A note from our sponsor - SaaSHub
www.saashub.com | 25 Apr 2024

SaaSHub helps you find the best software and product alternatives Learn more →