Implementation Policy Language: Example: Allow creation of raw socket: native-socket: socktype eq "SOCK_RAW" then permit Operators are boolean expressions on the human-readable translations: eq: Evaluates to true only if system call argument equals text string. match: Performs file name globbing to match file and path names. re: Uses regular expressions to match system call arguments. sub: Evaluates to true only if system call argument contains specified substring. If policy evaluation results in either deny or permit, kernel is informed. Otherwise, ask user for policy decision.