Download List

Sponsored link

Project Description

TOMOYO Linux is a Mandatory Access Control (MAC) implementation for Linux that can be used to increase the security of a system, while also being useful purely as a system analysis tool. It was launched in March 2003 and had been sponsored by NTT DATA Corporation, Japan until March 2012.

TOMOYO Linux focuses on the behaviour of a system. Every process is created to achieve a purpose, and like an immigration officer, TOMOYO Linux allows each process to declare behaviours and resources needed to achieve their purpose. When protection is enabled, TOMOYO Linux acts like an operation watchdog, restricting each process to only the behaviours and resources allowed by the administrator.

System Requirements

System requirement is not defined

Released at 2006-02-14 18:17
ccs-tools 1.0.2-20060214 (1 files Hide)

Release Notes

No Release Notes

Changelog

Version 1.0.2 2006/02/14 Procedure review.

savepolicy:
Support saving "system policy" and "exception policy"
in addition to "domain policy".

The following programs were added.

editpolicy:
"syspol.exe" "poled.exe" "poled_old.exe" were integrated
and renamed to "editpolicy".
This program can edit "system policy", "exception policy"
and "domain policy".
Command key assignments were changed.

checkpolicy:
A policy validator taken from "poled_old.exe".
This program was designed for detecting and fixing errors
in "domain policy".

loadpolicy:
A policy reloader.
This program was designed for loading policy from the disk
after clearing current policy in the kernel.

sortpolicy:
A "domain policy" sorter.
This program was designed to compress access logs
generated by "ccs-auditd".
You can use normal "sort" command for sorting
"system policy" and "exception policy".

make_exception.sh:
A script to create "exception policy".

The following programs were renamed.

"remount.exe" was renamed to "remount_root_fs".
"makesyaoranconf.exe" was renamed to "makesyaoranconf".

The following programs were removed.

"poled.exe" "poled_old.exe" "syspol.exe"
"obsolete_chksymlink" "obsolete_chroot_su"
"obsolete_lsdir" "obsolete_makelink" "obsolete_movlog"
"bindtest" "logtest" "pathnametest" "rofstest"
"linuxrc_old"

The following programs for testing TOMOYO Linux's kernel were added.
They are in the kernel_test directory.

"sakura_bind_test" "sakura_capability_test"
"sakura_filesystem_test" "sakura_trace_test"
"tomoyo_capability_test" "tomoyo_file_test" "tomoyo_info_test"
"tomoyo_name_test" "tomoyo_port_test" "tomoyo_signal_test"