Главная Обзор Помощь
Регистрация Вход
RD_Software
/
linux-arkmicro
2
0
Ответвить 1
Файлы Задачи 0 Запросы на слияние 0 Вики
Дерево: 6ecc0e68ec
Ветки Метки
linux-arkmicro
/
linux
/
Documentation
/
admin-guide
/
LSM
/
tomoyo.rst

tomoyo.rst 2.2 KB
История Исходник

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465 
  1. ======
    2. 

  2. TOMOYO
    3. 

  3. ======
    4. 

  4. 

  5. What is TOMOYO?
    6. 

  6. ===============
    7. 

  7. 

  8. TOMOYO is a name-based MAC extension (LSM module) for the Linux kernel.
    9. 

  9. 

  10. LiveCD-based tutorials are available at
    11. 

  11. 

  12. http://tomoyo.sourceforge.jp/1.8/ubuntu12.04-live.html
    13. 

  13. http://tomoyo.sourceforge.jp/1.8/centos6-live.html
    14. 

  14. 

  15. Though these tutorials use non-LSM version of TOMOYO, they are useful for you
    16. 

  16. to know what TOMOYO is.
    17. 

  17. 

  18. How to enable TOMOYO?
    19. 

  19. =====================
    20. 

  20. 

  21. Build the kernel with ``CONFIG_SECURITY_TOMOYO=y`` and pass ``security=tomoyo`` on
    22. 

  22. kernel's command line.
    23. 

  23. 

  24. Please see http://tomoyo.osdn.jp/2.5/ for details.
    25. 

  25. 

  26. Where is documentation?
    27. 

  27. =======================
    28. 

  28. 

  29. User <-> Kernel interface documentation is available at
    30. 

  30. http://tomoyo.osdn.jp/2.5/policy-specification/index.html .
    31. 

  31. 

  32. Materials we prepared for seminars and symposiums are available at
    33. 

  33. http://osdn.jp/projects/tomoyo/docs/?category_id=532&language_id=1 .
    34. 

  34. Below lists are chosen from three aspects.
    35. 

  35. 

  36. What is TOMOYO?
    37. 

  37.   TOMOYO Linux Overview
    38. 

  38.     http://osdn.jp/projects/tomoyo/docs/lca2009-takeda.pdf
    39. 

  39.   TOMOYO Linux: pragmatic and manageable security for Linux
    40. 

  40.     http://osdn.jp/projects/tomoyo/docs/freedomhectaipei-tomoyo.pdf
    41. 

  41.   TOMOYO Linux: A Practical Method to Understand and Protect Your Own Linux Box
    42. 

  42.     http://osdn.jp/projects/tomoyo/docs/PacSec2007-en-no-demo.pdf
    43. 

  43. 

  44. What can TOMOYO do?
    45. 

  45.   Deep inside TOMOYO Linux
    46. 

  46.     http://osdn.jp/projects/tomoyo/docs/lca2009-kumaneko.pdf
    47. 

  47.   The role of "pathname based access control" in security.
    48. 

  48.     http://osdn.jp/projects/tomoyo/docs/lfj2008-bof.pdf
    49. 

  49. 

  50. History of TOMOYO?
    51. 

  51.   Realities of Mainlining
    52. 

  52.     http://osdn.jp/projects/tomoyo/docs/lfj2008.pdf
    53. 

  53. 

  54. What is future plan?
    55. 

  55. ====================
    56. 

  56. 

  57. We believe that inode based security and name based security are complementary
    58. 

  58. and both should be used together. But unfortunately, so far, we cannot enable
    59. 

  59. multiple LSM modules at the same time. We feel sorry that you have to give up
    60. 

  60. SELinux/SMACK/AppArmor etc. when you want to use TOMOYO.
    61. 

  61. 

  62. We hope that LSM becomes stackable in future. Meanwhile, you can use non-LSM
    63. 

  63. version of TOMOYO, available at http://tomoyo.osdn.jp/1.8/ .
    64. 

  64. LSM version of TOMOYO is a subset of non-LSM version of TOMOYO. We are planning
    65. 

  65. to port non-LSM version's functionalities to LSM versions.
    66.