This repository has been archived by the owner. It is now read-only.
Fetching contributors…
Cannot retrieve contributors at this time
74 lines (52 sloc) 2.51 KB
SETools version 3.3
Tresys Technology,
August 15, 2008
This file contains a description of the currently aware issues with
SETools. There are undoubtedly more; please report any new problems
1. There is a critical error in libsepol versions 1.16.2 and 2.0.2
that prevents SETools from opening source policies. The supplied
configure script will detect and abort if it finds this particular
1. Double clicking on listbox items may not display popup windows in
certain window managers. Instead the user can right-click on the
item in order to display popup windows. This is due to Tk's event
buffer and is not fixable. (Ref:
2. Apol will correctly load policies with aliases, but the alias names
will be lost (the root type name is used instead). Therefore,
aliases are not displayed and queries should not use them as
3. Certain older source policies will not load if complemented type
sets are used outside of neverallow rules. This is due to apol using
a similar parser to checkpolicy, which no longer accepts this use of
the complement operator (~).
1. Sorting by date will not work correctly if an audit log spans
through a new calendar year. For example, if the audit log
includes entries from December 2003 and January 2004, when sorted
by date January 2004 will come before the December 2003 entry. This
is because audit logs do not include a year; all messages are
assumed to have occurred on the same year.
2. Audit messages that span multiple lines are not parsed correctly.
This will be addressed in a future revision of SETools.
1. There is currently an issue with SWIG Java bindings that prevents
disowning an object, and there is an issue in libsepol that prevents the
duplication of a policy. Pending the availability of one of these features,
it will not be possible to safely use libpoldiff in Java. Future revisions
to the policy representation are expected to permit the duplication of
Operating Systems:
Fedora Core 5 through 9, for both i386 and x86_64 architectures
SELinux monolithic policy versions:
12, 15 through 18
19 through 23 (both with and without MLS support)
SELinux modular policy versions:
5 through 8
Please report any new bugs or comments to
Thank you for using SETools!