TOMOYO

Fork

[tomoyo-users-en 175] Various enhancements will be included in TOMOYO 2.3 for Linux 2.6.36 .

• Previous message (by thread): [tomoyo-users-en 174] ccs-patch 1.6.8p3/1.7.2p1 refreshed.
• Next message (by thread): [tomoyo-users-en 179] TOMOYO Linux functionality comparison table
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hello.

Various features in TOMOYO 1.7 will become available in TOMOYO 2.3 for
Linux 2.6.36 .

(1) File access control (create,chmod,chown etc.) will be able to check numeric
    parameters. For example:

      2.6.30-2.6.35:
        allow_create /tmp/file

      2.6.36:
        allow_create /tmp/file 0600

(2) To help specifying pathname ranges, "path_group" keyword will be added to
    TOMOYO 2.2 for Linux 2.6.35 . To help specifying numeric value ranges,
    "number_group" keyword will be added to TOMOYO 2.3 for Linux 2.6.36 .

      allow_create @path_group1 @number_group1

(3) Interactive enforcing mode will be added.

      /sys/kernel/security/tomoyo/query and /usr/sbin/tomoyo-queryd

(4) Longer pathname support will be added.

      Pathnames longer than 4000 bytes are supported.

(5) Program aggregation will be added.

      aggregator

(6) Profile structure will become per operation basis.

      0-CONFIG::file::open={ mode=learning }
      0-CONFIG::file::execute={ mode=enforcing }

Thanks.

• Previous message (by thread): [tomoyo-users-en 174] ccs-patch 1.6.8p3/1.7.2p1 refreshed.
• Next message (by thread): [tomoyo-users-en 179] TOMOYO Linux functionality comparison table
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]