Introducing SELint – A Free SELinux Policy Analysis Tool

Introducing SELint – A Free SELinux Policy Analysis Tool


As part of our ongoing leadership in the SELinux community, Tresys – now Owl Cyber Defense, as the companies have recently merged – has developed SELint, a free tool designed to perform static code analysis on Reference Policy (refpolicy) SELinux source code. SELint is our latest contribution in our continued commitment to developing the open source community, building on previous contributions, including Certifiable Linux Integration Platform (CLIP), SETools, and more.

(Please note: SELint is not related to the tool of the same name developed by Elena Reshetova, Filippo Bonazzi, and N. Asokan for SEAndroid policy analysis)

SELint is designed to help developers write policy that is more maintainable, readable, and secure, and reduce the time spent debugging challenging policy issues. The tool checks for several common policy issues that can reduce maintainability and readability, generate policy that is counter to the intent of the policy writer, or cause difficult-to-diagnose errors. SELint is also fully configurable, enabling users to select a level of checking appropriate to their project.

SELint currently supports checks for the following policy issues:

  • Violations of Reference Policy TE file ordering conventions
  • Interface with no documentation comment
  • Use of require blocks
  • File context labels associated with the wrong module
  • Type referenced without explicit declaration
  • Type, attribute, or role used but not listed in require block in interface
  • Unused type, attribute, or role listed in require block in interface
  • Potentially unescaped regex character in file contexts paths
  • Interface call that should be in optional_policy block, but is not
  • Syntactically incorrect file context format
  • Nonexistent user, role, or type listed in fc file

SELint can be downloaded for free at: https://github.com/TresysTechnology/selint

Insights to your Inbox

Stay informed with the latest cybersecurity news and resources.

  • This field is for validation purposes and should be left unchanged.

Firewalls vs. Data Diodes: Why Hardware-Enforced Security Is Mission Critical for the Department of War

The persistent and evolving threat landscape demands an unwavering commitment to network security. For the Department of War and other high-assurance organizations, mission resilience is ...
October 6, 2025

Billington Cybersecurity Summit 2025: Building Federal Resilience on the Cyber and AI Frontiers

The 16th Annual Billington Cybersecurity Summit once again affirmed its status as one of the most significant cybersecurity gatherings for government, industry, and defense leaders. Held ...
September 17, 2025
Daniel Bartucci Cyber Security Strategist - Critical Infrastructure

Securing What’s Next: OT Cyber Risk Insights 2025

There’s Never Been a More Critical Moment for OT Security  Informed by ten years of global breach and claims data and independent insurance industry analysis, the 2025 Dragos OT Secur...
August 25, 2025