Root/
Source at commit be977234bfb4a6dca8a39e7c52165e4cd536ad71 created 12 years 9 months ago. By Lars-Peter Clausen, jz4740: Fix compile error | |
---|---|
1 | --- What is TOMOYO? --- |
2 | |
3 | TOMOYO is a name-based MAC extension (LSM module) for the Linux kernel. |
4 | |
5 | LiveCD-based tutorials are available at |
6 | http://tomoyo.sourceforge.jp/1.7/1st-step/ubuntu10.04-live/ |
7 | http://tomoyo.sourceforge.jp/1.7/1st-step/centos5-live/ . |
8 | Though these tutorials use non-LSM version of TOMOYO, they are useful for you |
9 | to know what TOMOYO is. |
10 | |
11 | --- How to enable TOMOYO? --- |
12 | |
13 | Build the kernel with CONFIG_SECURITY_TOMOYO=y and pass "security=tomoyo" on |
14 | kernel's command line. |
15 | |
16 | Please see http://tomoyo.sourceforge.jp/2.3/ for details. |
17 | |
18 | --- Where is documentation? --- |
19 | |
20 | User <-> Kernel interface documentation is available at |
21 | http://tomoyo.sourceforge.jp/2.3/policy-reference.html . |
22 | |
23 | Materials we prepared for seminars and symposiums are available at |
24 | http://sourceforge.jp/projects/tomoyo/docs/?category_id=532&language_id=1 . |
25 | Below lists are chosen from three aspects. |
26 | |
27 | What is TOMOYO? |
28 | TOMOYO Linux Overview |
29 | http://sourceforge.jp/projects/tomoyo/docs/lca2009-takeda.pdf |
30 | TOMOYO Linux: pragmatic and manageable security for Linux |
31 | http://sourceforge.jp/projects/tomoyo/docs/freedomhectaipei-tomoyo.pdf |
32 | TOMOYO Linux: A Practical Method to Understand and Protect Your Own Linux Box |
33 | http://sourceforge.jp/projects/tomoyo/docs/PacSec2007-en-no-demo.pdf |
34 | |
35 | What can TOMOYO do? |
36 | Deep inside TOMOYO Linux |
37 | http://sourceforge.jp/projects/tomoyo/docs/lca2009-kumaneko.pdf |
38 | The role of "pathname based access control" in security. |
39 | http://sourceforge.jp/projects/tomoyo/docs/lfj2008-bof.pdf |
40 | |
41 | History of TOMOYO? |
42 | Realities of Mainlining |
43 | http://sourceforge.jp/projects/tomoyo/docs/lfj2008.pdf |
44 | |
45 | --- What is future plan? --- |
46 | |
47 | We believe that inode based security and name based security are complementary |
48 | and both should be used together. But unfortunately, so far, we cannot enable |
49 | multiple LSM modules at the same time. We feel sorry that you have to give up |
50 | SELinux/SMACK/AppArmor etc. when you want to use TOMOYO. |
51 | |
52 | We hope that LSM becomes stackable in future. Meanwhile, you can use non-LSM |
53 | version of TOMOYO, available at http://tomoyo.sourceforge.jp/1.7/ . |
54 | LSM version of TOMOYO is a subset of non-LSM version of TOMOYO. We are planning |
55 | to port non-LSM version's functionalities to LSM versions. |
56 |
Branches:
ben-wpan
ben-wpan-stefan
javiroman/ks7010
jz-2.6.34
jz-2.6.34-rc5
jz-2.6.34-rc6
jz-2.6.34-rc7
jz-2.6.35
jz-2.6.36
jz-2.6.37
jz-2.6.38
jz-2.6.39
jz-3.0
jz-3.1
jz-3.11
jz-3.12
jz-3.13
jz-3.15
jz-3.16
jz-3.18-dt
jz-3.2
jz-3.3
jz-3.4
jz-3.5
jz-3.6
jz-3.6-rc2-pwm
jz-3.9
jz-3.9-clk
jz-3.9-rc8
jz47xx
jz47xx-2.6.38
master
Tags:
od-2011-09-04
od-2011-09-18
v2.6.34-rc5
v2.6.34-rc6
v2.6.34-rc7
v3.9