Last modified: $Date: 2009-11-17 13:55:42 +0900 (Tue, 17 Nov 2009) $
| TOMOYO is a security module which focuses on behavior of a system. A process is created to achieve something. TOMOYO lets each process declare behaviors and resources needed to achieve its purpose (like an immigration officer) and permits only declared behaviors and resources (like an operation watchdog). This approach made it possible for users to understand how a Linux system works. You can use TOMOYO as a system analysis tool as well as an access restriction tool. |
2009/11/11 TOMOYO Linux 1.7.1 and TOMOYO Linux 1.6.8p1 are available.
2009/06/10 TOMOYO Linux 2.2.0 was merged into Linux 2.6.30 kernel.
We maintain and provide two versions.
This version supports only kernels 2.6.30 and later. It uses hooks provided by LSM (Linux Security Modules) and offers only a subset of MAC (Mandatory Access Control) for files at the moment, but it is available without applying kernel patches.
You can use this version if your priority is to use TOMOYO without modifying the kernel over to obtain all the abilities of access control.
This version supports many distributions using 2.4/2.6 kernels. It inserts original hooks in order to be able to coexist with other MAC implementations (e.g. SELinux / SMACK / AppArmor).
You can use this version if your priority is to obtain all the potentials of TOMOYO and fully functional MAC ability (for files, network, capabilities, environment variables, etc.) over to use without patching the kernel.
For handy trial and evaluation purpose, CentOS 5.4 LiveCD and Ubuntu 9.10 LiveCD with TOMOYO Linux are available.
TOMOYO Linux is supported by NTT DATA CORPORATION
0083795 hits since May 17, 2006