2006-02-23  John D. Ramsdell  <ramsdell@mitre.org>

	* src/patterns/Makefile.am (BUILT_RECOGS): Recognizer are
	generated at install and at distribution creation time.

2005-11-02  John D. Ramsdell  <ramsdell@mitre.org>

	* pkg/strace/Makefile.am (bin_PROGRAMS): Changed the name of the
	modified strace program to stracesc so that its installation does
	not conflict with the standard strace.

2005-10-12  John D. Ramsdell  <ramsdell@mitre.org>

	* doc/polgen.texi (Quick Start): Added "make clean" command to the
	instructions so that the file contexts get rebuilt.

2005-09-15  John D. Ramsdell  <ramsdell@mitre.org>

	* pkg/strace: Merged changes from strace 4.5.13. 

2005-06-01  John D. Ramsdell  <ramsdell@mitre.org>

	* src/patterns/gui.py (AcceptPatternInstances.help): Added
	absolute paths when generating URL for spawning mozilla.

2005-05-26  Brian T. Sniffen <bsniffen@mitre.org>

	* CVS: Tagged as polgen-1_1

2005-05-24  David R. Harris <drh@mitre.org>

	* Recog: Repair recognizer for single process mediator pattern

	* pattern_instance.html: Reorganization of data

	* daemon: Added diagrams showing components of typical daemon,
		  executable patterns

2005-05-09  David R. Harris <drh@mitre.org>

	* patterns: created daemon pattern recognizer and polgen_daemon macro 


2005-04-27  David R. Harris <drh@mitre.org>

	* patterns: Repairs to executable pattern - macro needs to know
	             security context of file on disc

	* gui: Improvements to GUI - context options for files shown with full
		   '_t' context

	* generation: refactoring code for .te and .fc generation


2005-04-22  David R. Harris <drh@mitre.org>

	* gui: cleaned up no-gui option

2005-04-21  Brian T. Sniffen <bsniffen@mitre.org>

	* gui: gui/no-gui option in spar enables more efficent testing harness
	       for polgen

2005-03-31    <ramsdell@mitre.org>

	* CVS: Tagged as polgen-1_0.

	* doc/polgen.texi (Quick Start): Add instructions to remove
	polgen_temp.te and polgen_temp.fc when installing the generated
	policy.

2005-03-02  Brian T. Sniffen  <bsniffen@mitre.org>

	* polgen_macros.te: Exec files, not domains.
	Still need to fix self: on sockets...

2005-03-02  drh  <drh@mm127122-pc>

	* gui.py: no message

2005-03-01  drh  <drh@mm127122-pc>

	* extract.py: repairs to socket representation

	* RecogHubAndSpoke.py, specs.py: new hub and spoke recognizer

2005-03-01  Brian T. Sniffen  <bsniffen@mitre.org>

	* polgen_macros.te:
	Reverse sense of proxy to comply with Dave's comment.

	* gui.py, textentry.py: Skip windows that will be empty anyway.

2005-03-01  Brian T. Sniffen  <bsniffen@mitre.org>

	* polgen_macros.te:
	Reverse sense of proxy to comply with Dave's comment.

2005-03-01  Brian T. Sniffen  <bsniffen@mitre.org>

	* gui.py, textentry.py: Skip windows that will be empty anyway.

2005-02-28  Brian T. Sniffen  <bsniffen@mitre.org>

	* polgen_macros.te:
	I completely ripped out the polgen_proxy macro and replaced it with
	something that actually uses all its arguments.  I'm still not convinced
	it's correct.  Dave, please help me check this on Tuesday.

2005-02-28  drh  <drh@mm127122-pc>

	* fixer.py: don't can_exec when types are the same

	* pr.py: recog_executables doesn't need resource types

	* Makefile.am, RecogExecutable.py, specs.py:
	added recognizer for Executable pattern

	* pr.py, patterns.py: added Executable pattern

	* extract.py: exec'ed process has same pid as parent

2005-02-28  Brian T. Sniffen  <bsniffen@mitre.org>

	* polgen_macros.te: Add polgen_executable macro

	* polgen_macros.te:
	We only recognize stream sockets in hub_and_spoke, so we can
	just generate policy for that.

2005-02-28  drh  <drh@mm127122-pc>

	* fixer.py: comma between file_type and exec_type

	* fixer.py: remove debug statement

	* util.py, domain_model.py, fixer.py: changes to attribute generation

	* extract.py: no message

2005-02-28  Brian T. Sniffen  <bsniffen@mitre.org>

	* gui.py: Make sure all windows have non-zero size.

2005-02-25  drh  <drh@mm127122-pc>

	* images/Makefile.am: added hubandspoke.gif

	* Makefile.am: added RecogHubAndSpoke

	* specs.py: wrote HubAndSpoke recognizer

	* RecogHubAndSpoke.py: HubAndSpoke recognizer

	* pr.py, polgen_macros.te: added hub_and_spoke macro

	* patterns.py: added HubAndSpoke pattern

	* hreports.py:
	better documentation on meaning of number of pattern instances

	* domain_model.py:
	removed warning about old style typegen name conventions

	* futil.py: added how_related method

	* main.py: fixed bug in analysis order effecting proxy recognizer

2005-02-24  Brian T. Sniffen  <bsniffen@mitre.org>

	* fc.py, textentry.py:
	More shrinking of GUI windows.  Some of us only have 1024x768 screens!

	* gui.py:
	Smaller default window size, and factor out the window size limit.
	Todo: measure existing screen size and set appropriately.

2005-02-24  drh  <drh@mm127122-pc>

	* pr.py, polgen_macros.te: new macro names - e.g., polgen_temp_use

2005-02-23  drh  <drh@mm127122-pc>

	* pr.py: macro names employ mixed case names for patterns

	* polgen_macros.te: macro names employ mixed case names for patterns

	added macros for web server component and mediator

2005-02-23  ramsdell  <ramsdell@mm127122-pc>

	* Makefile.am: update docs

2005-02-23  drh  <drh@mm127122-pc>

	* domain_model.py:
	now working with polgen_temp for polgen created types

2005-02-23  Brian T. Sniffen  <bsniffen@mitre.org>

	* polgen.texi:
	Change the example typegen-generated type to include _polgen_temp_

	* polgen.texi:
	No more references to ecomm.te or ecomm.fc, since typegen now
	generates polgen_temp.te and polgen_temp.fc instead.

	* polgen.texi:
	@emph{program} reference removed, since it's no longer true and is
	confusingly similar to domains/program.

2005-02-23  ramsdell  <ramsdell@mm127122-pc>

	* polgen.texi: doc update

	* polgen.texi: update docs

2005-02-23  Brian T. Sniffen  <bsniffen@mitre.org>

	* typegen.py: Format lists properly, and factor that functionality out.
	More idiomatic typesetting around ends of lines, colons,
	semicolons, and commas also make this output somewhat easier to read.

2005-02-22  Brian T. Sniffen  <bsniffen@mitre.org>

	* typegen.py: Name the .te and .fc files appropriately as
	polgen_temp.te|.fc
	It happens to make it easier to not step on the permanent
	file names.

2005-02-15  Brian T. Sniffen  <bsniffen@mitre.org>

	* typegen.py:
	Generate types like polgen_temp_ecomm_t and polgen_temp_ecomm_exec_t
	Also, remove the unused old_write_te method.

2005-02-15  Brian T. Sniffen  <bsniffen@mitre.org>

	* typegen.py:
	Generate types like polgen_temp_ecomm_t and polgen_temp_ecomm_exec_t
	Also, remove the unused old_write_te method.

2005-01-20  Brian T. Sniffen  <bsniffen@mitre.org>

	* typegen.py: Fix bad list comprehension.

	* typegen.py: Full new implementation

2005-01-16  John D. Ramsdell  <ramsdell@mitre.org>

	* src/trackfd/trackfd.py (run, do_socketpair): Added a hash table
	that maps a system call name to its handler, and added support for
	the socketpair system call.

2004-12-28  John D. Ramsdell  <ramsdell@mitre.org>

	* src/typegen/typegen.in: Changed script to use with the python
	version of typegen.

2004-12-21  John D. Ramsdell  <ramsdell@mitre.org>

	* CVS: Tagged as polgen-0_9.

2004-12-20  John D. Ramsdell  <ramsdell@mitre.org>

	* doc/polgen.texi: Fixed the @direntry, which somehow got munged.
	The top node of the HTML document no longer has a previous and up
	link.  These links used to point to nowhere.

2004-12-14  John D. Ramsdell  <ramsdell@mitre.org>

	* polgen.spec.in: Added an RPM spec file. Thanks to Miguel Bolanos
	for providing the initial version.

2004-11-20  John D. Ramsdell  <ramsdell@mitre.org>

	* pkg/strace/strace.1: Add description of -X option to manual
	page.

2004-11-18 David R. Harris <drh@mitre.org>
	* now generating an fc file for new types
	* several changes to comment generation for the policy_spec.py file

2004-11-17 David R. Harris <drh@mitre.org>
	* now only generating one config_file type per application
	* fixed permissions for some patterns
	* removed configuration files from possible contributors to a pipeline
	* generated missing pattern gifs
	* repairs to html layout

2004-11-16 David R. Harris <drh@mitre.org>
	* modifications to src/patterns
	* added recognition capabilities for sockets - see specs.py
	* minor adjustments to html files - see presentations.py
	* added changes to spec2pol - some patternR classes have new elements - see pr.py
      * changes to pipeline recognizers - intermediate resources should not be the same - otherwise get false positives from
	  multiple connects to a socket (from server thru socket to client and back thru the socket to the server)

2004-11-10  John D. Ramsdell  <ramsdell@mitre.org>

	* src/trackfd/trackstrace.in (AWK): Ignore signals when joining a
	suspended system call.

	* pkg/strace/configure.ac: Merge in strace 4.5.8 improvements.

2004-11-05  John D. Ramsdell  <ramsdell@mitre.org>

	* src/trackfd/trackfd.py (SocketTracker): Record the parent of a
	socket created by an accept system call.

2004-11-01  John D. Ramsdell  <ramsdell@mitre.org>

	* CVS: Tagged as polgen-0_8.

2004-11-01 David R. Harris <drh@mitre.org>

	* Fixed allow syntax generated by the spec file.

	* Generated new diagrams for the Pipe and TempUse patterns for
	use in HTML documents.

	* Restricted the proxy pattern so that spawning is not used as
	link between proxy and service.

	* ToDo.html (on repairs link) indicates we have set context of
	pipes to 'self'.  The page notifies people of things spar did that
	they should consider.

	* Fixed places where default assignments are made to security
	context.  This removes appearances of ??? and tbd in the spec
	file.

	* doc/polgen.texi (Recognizing Patterns): Update description to
	match current behavior.

2004-10-30  John D. Ramsdell  <ramsdell@mitre.org>

	* doc/polgen.texi (Analysis Script): Added chapter describing a
	handy script.

2004-10-29  John D. Ramsdell  <ramsdell@mitre.org>

	* CVS: Tagged as polgen-0_7.

	* doc/polgen.texi: Implemented many improvements and bug fixes.

2004-10-28  John D. Ramsdell  <ramsdell@mitre.org>

	* src/trackfd/trackfd.py (do_clone): Add support for multithreaded
	applications by sharing a file descriptor table when clone is
	called with the CLONE_FILES flag.

2004-10-27 David R. Harris <drh@mitre.org>

	* CVS: Tagged as polgen-0_6.

	* Added new html output generation in presentation.py

	* Added Pipe and Interpreter recognizers in specs.py

	* Made substantial changes to spec2pol in pi.py and te_gen_util.py
	  these include:
		adding type declarations
		adding can_exec macro invocations
		added getattr to read actions

	* improved automatic type generation capabilities to generate new
	types for key players in instances of some patterns

	* <name>_policy_spec.py now provides policy author with options to
	select pattern instances as is, revert to individual assertions
	with newly generated types, or revert to original types

2004-10-27  John D. Ramsdell  <ramsdell@mitre.org>

	* doc/polgen.texi: Incorporated example so there is only one
	source file, and update example for FC3test3.

	* src/trackfd/trackfd.py (run): Keep track of line numbers to
	improve error messages.

	* src/strace2tsv/scanner.l: Fixed regular expression identifying a
	C string.

2004-10-18  John D. Ramsdell  <ramsdell@mitre.org>

	* src/trackfd/trackfd.py (do_fcntl64, do_accept):  Add support for
	close on exec flag and file descriptor duplication via fcntl64.
	Fix do_accept so it creates a new socket tracker.

	* src/trackfd/trackfd.py (Tracker.__init__): All trackers have a
	unique identifier, and pipe trackers record the id of the other
	pipe tracker created with it.

2004-10-15  John D. Ramsdell  <ramsdell@mitre.org>

	* CVS: Tagged as polgen-0_5.

2004-10-13  John D. Ramsdell  <ramsdell@mitre.org>

	* src/trackfd/trackstrace.in: Added an AWK script that handles
	unfinished system calls.

2004-10-07  John D. Ramsdell  <ramsdell@mitre.org>

	* src/trackfd/trackfd.py (run): Add support for multiple processes
	by adding a process table, which contains a file descriptor table
	for each process.

	* src/strace2tsv/strace2tsv.c (filter): On parsing error, ignore
	the rest of the line, and then continue parsing.

2004-10-06  John D. Ramsdell  <ramsdell@mitre.org>

	* doc/polgen.texi (Capturing Program Behavior): All traces now
	have has their first field, the process identifier of the process
	being traced.

2004-10-05  John D. Ramsdell  <ramsdell@mitre.org>

	* src/strace2tsv/scanner.l: Handle lines that start with a pid,
	which are generated by strace with the -f option.

2004-09-30  John D. Ramsdell  <ramsdell@mitre.org>

	* CVS: Tagged as polgen-0_4.

	* doc/polgen.texi: Updated the documentation to describe the new
	way of filtering strace output into something that can be used by
	spar.

	* src/trackfd/trackall.in: Added a script what runs trackstrace on
	a list of input files.

2004-09-30 David R. Harris <drh@mitre.org>

	* src/patterns/extract.py minor changes to handling exec's and
	setting security context of openned files

2004-09-29 David R. Harris <drh@mitre.org>

	* src/patterns/extract.py rewrote tracked files parser to capture
	the new tab delimited format

2004-09-29  John D. Ramsdell  <ramsdell@mitre.org>

	* src/trackfd/trackfd.py (do_execve): Added this syscall's return
	code to the Exec record.

	* src/trackfd/trackfd.py (do_clone): Added this syscall, which is
	what fork gets compiled into.

	* pkg/strace/process.c (fake_execve): When compiled for SELinux,
	print the security context of the file being executed.

2004-09-28  John D. Ramsdell  <ramsdell@mitre.org>

	* src/trackfd/trackstrace.in: Added a shell script that creates a
	pipeline of processes to tracks file descriptors given SELinux
	enhanced strace output.

2004-09-24  John D. Ramsdell  <ramsdell@mitre.org>

	* src/strace2tsv/*: Added a program that converts strace output
	into tab separated values format.

2004-09-18  John D. Ramsdell  <ramsdell@mitre.org>

	* pkg/strace/util.c (selinux_printdesc): Added the pid argument to
	all calls so that one can find the security context of a file
	descriptor within the process being traced.  In Linux, the
	security context is obtained from /proc/<pid>/fd/<fd>.	For other
	operating systems, not security context is printed.

2004-09-17  John D. Ramsdell  <ramsdell@mitre.org>

	* pkg/strace/strace.c (printtrailer): Each line of SELinux enabled
	output had the security context of strace as its last item.  It
	was changed to be the security context of the traced program, as
	was originally intended.

2004-09-16  John D. Ramsdell  <ramsdell@mitre.org>

	* CVS: Tagged as polgen-0_3.

2004-09-16 David R. Harris <drh@mitre.org>

	* src/patterns/patterns.py and specs.py - added recognizers for
	CanCheckSelinux pattern

	* src/patterns/walk.py - utilities for walking constellations of
	resources that spar has identified as constituting a pattern
	instance.

	* src/patterns/macro_defs.py - adds templates to each patttern
	type. These templates provide documentation on the pattern and a
	template to be used for creating a macro associated with a pattern

	* src/patterns/hreports.py - added additional report generation
	capabilities to spar

	* built components of spec2pol - these include te_gen_util, pi
	modules.  Also made adjustments to spar output.	 spar now
	generates several html files and a file named
	<prgm>_policy_spec.py.	This file contains executable Python that
	is editable and intended for subsequent input to the spec2pol
	process.

2004-09-16  John D. Ramsdell  <ramsdell@mitre.org>

	* src/ecommerce-example/ecomm-config.py (main): Added command line
	argument processing using getopt.

	* doc/polgen.texi: Added description of spec2pol usage.	 Changed
	displays to use the example environment instead of the verbatim
	environment.

2004-09-15  John D. Ramsdell  <ramsdell@mitre.org>

	* src/patterns/spec2pol.in: Added a Python runner that knows the
	location of polgen Python code.

2004-09-14    <shaddin@expresso.mitre.org>

	* src/typegen/typegen.in:
	Command Line Options: command line options (-i <file> , -v, -h).-i
	specifies input file (default is ./typegen.conf), -v prints
	version info, -h prints help.
	Role/Type Declaration: replaced the old role and type declarations
	with a new one that allows multiple roles/types, using statement:
	role <role> types <type1> <type2> <type3> ...
	at least one such statement must be in conf file.
	Type naming: if executable-name = program-name then dont prepend
	program name to executable type or the domain type
	* src/typegen/typegen.conf: updated example with new role
	declaration

2004-09-04  John D. Ramsdell  <ramsdell@mitre.org>

	* src/patterns/spar.in (PYTHONPATH): Added $HOME/.spar to path.

2004-09-02  John D. Ramsdell  <ramsdell@mitre.org>

	* src/ecommerce-example/sample-files/*: Added run samples.

2004-09-02  David R Harris  <drh@divan>

	* src/patterns/presentations.py (allows_to_txt): merged changes on
	results directory

2004-09-02  John D. Ramsdell  <ramsdell@mitre.org>

	* src/ecommerce-example/ecomm-config.py (main): Generate a
	typegen.conf file instead of ecomm.fc.

	* src/patterns/spar.in: Added . to PYTHONPATH so that it will load
	generated Python source from spar's current directory.

2004-09-02  Owen C. Landgren  <olandgren@expresso.mitre.org>

	* src/patterns/main.py: Another os.path.join bug, this time
	regarding the results directory and the xml output.

	* src/patterns/presentations.py: Updated line 185 to correctly
	construct results string. Added an 'import os'
	(gen_allows_report): Updated to correctly construct path

	* src/ecommerce-example/ecomm-config.py (main): Will not attempt
	to override directories when they already exist(orders and paid).

	* src/ecommerce-example/shipping.py: Same as acct_rcv.py -
	attempting to delete the order was dying.

	* src/ecommerce-example/acct_rcv.py: Fixed path bug in line 22,
	where a / was missing. Replaced string concat with os.path.join()

2004-09-02  John D. Ramsdell  <ramsdell@mitre.org>

	* src/typegen/*: Added new program.

	* src/polgen/*: Removed in favor of typegen.

	* src/ecommerce-example/ecomm-config.in: This script copies python
	files, changes file access permissions, creates directories,
	and the file ecomm.fc.

2004-09-01  John D. Ramsdell  <ramsdell@mitre.org>

	* src/ecommerce-example/ecomm-config.py: Added a configuration
	script to the example to produce an ecomm.fc file, and create
	directories used in the example.  The other python programs in the
	example were hardcoded to know the names of the directories created
	by ecomm-config.py.

	* src/ecommerce-example/Makefile.am (pkgdata_DATA): Placed ecomm
	example files in pkgdata.

2004-09-01  Owen C. Landgren  <olandgren@expresso.mitre.org>

	* src/strace-filter/spar-preprocess.in (output_dir): Updated to
	add support for fully qualified pathnames

2004-08-31  Owen C. Landgren  <olandgren@expresso.mitre.org>

	* src/strace-filter/spar-preprocess.in (TRACK): Added the
	capability to process the pid files generated by a forking strace
	process.
	(prog_name): Pulled the name of the program we're processing into
	a variable called 'prog_name'.
	(output_dir): Added options for output directory and help, and
	refactored script to be slightly more modular.

	* src/strace-filter/filter-strace.py (StraceFilter.__init__):
	Added support for the unlink() system call

	* src/strace-filter/track-fd.py (FileDescriptorTracker.parseLine):
	Added support for the unlink() system call

2004-08-30  Owen C. Landgren  <olandgren@expresso.mitre.org>

	* src/strace-filter/spar-preprocess.in (TRACK): Updated
	spar-preprocess.in to fix a filename bug that was breaking the
	system(trace-fd goes to track-fd).

2004-08-30  John D. Ramsdell  <ramsdell@mitre.org>

	* src/strace-filter/Makefile.am (bin_SCRIPTS):	Python source is
	installed using the pkgpython_PYTHON variable.

	* src/strace-filter/*: Changed the standard file name word
	separator to hyphen.

2004-08-30  Owen C. Landgren  <olandgren@expresso.mitre.org>

	* src/strace-filter/spar_preprocess: Removed, as ithis file is
	autogenerated by configure.

	* src/strace-filter/spar_preprocess.in: Rechecked in file, added
	@prefix@, @exec_prefix@, and @bindir@ directives to locate where
	the scripts 'spar_preprocess' uses. Also added configure warning.

	* src/strace-filter/filter.strace.in: Added an @configure_input@
	warning as in track.fd.in

	* src/strace-filter/track.fd.in: Added an @configure_input@
	warning to the file so that users know that it's an autogenerated
	script.

	* configure.ac: Added src/strace-filter/spar_preprocess to those
	scripts which require preprocessing. We're using autoconf to find
	out where the files are being installed.

	* src/strace-filter/track.fd.in: Uses autoconfigured path to
	Python instead of hardcoded one, executable name no longer has .py
	suffix

	* src/strace-filter/filter.strace.in: Uses autoconfigured path to
	Python instead of hardcoded one, executable no longer has .py
	suffix

2004-08-26  John D. Ramsdell  <ramsdell@mitre.org>

	* src/strace-filter/spar_preprocess: Execs /bin/sh.

	* Complete organization including adding the strace package.

