Greetings, For those who have never heard of Tomoyo Linux, here is a link: http://tomoyo.sourceforge.jp/wiki-e/?WhatIs
I noticed that this is one of the topics at linuxcon coming up shortly. I have never heard of Tomoyo until a few days ago. Right now I am learning SELinux. The claim in that Tomoyo has lower overhead than SELinux. However, being that Tomoyo is a MAC (Mandatory Access Control ) based security model, is it flawed from a theoretical standpoint before you even begin to talk about the code itself? I mention this because symlinks bring up an issue. >From the site linked above, QUOTE how about symbolic links? This is because you are using pathnames before resolving symbolic links for access control, and this is a problem of performing access control at userland level. What TOMOYO Linux deals is performing access control at kernel level. In the kernel, a pathname is converted into "dentry" and "vfsmount". And one can get a pathname without symbolic links, ".", "..", "//" by traversing "dentry" and "vfsmount" upward. Thus, even if one requests access to /tmp/shadow , TOMOYO Linux will think that /etc/shadow is requested. Therefore, TOMOYO Linux will not allow access to /etc/shadow using a symbolic link /tmp/shadow . /QUOTE Has anyone used this and decided it worked for them better than SELinux? If so, can you tell us anything about how it was implemented, and what lead you to do so. Andrew --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "NLUG" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/nlug-talk?hl=en -~----------~----~----~----~------~----~------~--~---
