Last modified: $Date: 2010-01-21 17:08:39 +0900 (Thu, 21 Jan 2010) $
| TOMOYO is a security module which focuses on behavior of a system. A process is created to achieve something. TOMOYO lets each process declare behaviors and resources needed to achieve its purpose (like an immigration officer) and permits only declared behaviors and resources (like an operation watchdog). This approach made it possible for users to understand how a Linux system works. You can use TOMOYO as a system analysis tool as well as an access restriction tool. |
2010/01/20 TOMOYO Linux 1.6.8p3 is available.
2009/12/20 TOMOYO Linux 1.7.1p1 is available.
2009/06/10 TOMOYO Linux 2.2.0 was merged into Linux 2.6.30 kernel.
We maintain and provide two versions.
This version supports only kernels 2.6.30 and later. It uses hooks provided by LSM (Linux Security Modules) and offers only a subset of MAC (Mandatory Access Control) for files at the moment, but it is available without applying kernel patches.
You can use this version if your priority is to use TOMOYO without modifying the kernel over to obtain all the abilities of access control.
This version supports many distributions using 2.4/2.6 kernels. It inserts original hooks in order to be able to coexist with other MAC implementations (e.g. SELinux / SMACK / AppArmor).
You can use this version if your priority is to obtain all the potentials of TOMOYO and fully functional MAC ability (for files, network, capabilities, environment variables, etc.) over to use without patching the kernel.
Below video demonstrates how to install/initialize/configure/enforce TOMOYO Linux on CentOS 5 and Ubuntu 9.10 systems. You can experience TOMOYO Linux in only 10 minutes!
For handy trial and evaluation purpose, CentOS 5.4 LiveCD and Ubuntu 9.10 LiveCD with TOMOYO Linux are available.
TOMOYO Linux is supported by NTT DATA CORPORATION
0092293 hits since May 17, 2006