Hi, I encountered an unexpected behavior with symlinks:

    1 acl symlink target="/home/user/secret_file"
        audit 1
        1 deny

    $ ln -s /home/user/secret_file test
    ln: failed to create symbolic link 'test': Operation not permitted

fails, while

    $ cd /home/user
    $ ln -s secret_file test

test is successful. Shouldn't both requests be denied as both create a symlink to the same file?

Independent of that, it is often difficult to debug what the parent process is if the parent (and child) process are no longer running. This is mainly interesting when, e.g., /usr/bin/bash wants to perform some action but you only want to allow /usr/bin/bash's action if it is called by a trusted process. During rule creation, this trusted parent process is not known (assume you want to protect a group of objects). Therefore, I thought the following might be helpful to easily determine the parent process:

    1 acl execute
        1 allow transition=task.exe

Unfortunately, this doesn't match anything (adding '2 deny' prevents any execution).

Lastly, it might be good for visibility to include caitsith in your comparison on http://tomoyo.osdn.jp/wiki-e/?WhatIs#comparison

Thanks,
Torsten
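
Added example, not part of the message above and not CaitSith code: the two `ln -s` invocations store different target strings in the link even though both resolve to the same file, so a literal string comparison on the target treats them differently. The temporary directory and the helper names (`stored_target`, `resolved_target`, `matches_protected`) are constructed for illustration, and `readlink -f` assumes a GNU or compatible `readlink`.

```shell
#!/bin/sh
# Constructed paths under a temporary directory stand in for
# /home/user/secret_file from the message.

# stored_target LINK: the literal string symlink(2) recorded for LINK.
stored_target() {
    readlink "$1"
}

# resolved_target LINK: the canonical path LINK ends up pointing at.
resolved_target() {
    readlink -f "$1"
}

# matches_protected LINK PROTECTED: succeed when LINK resolves to PROTECTED,
# however the target string was spelled when the link was created.
matches_protected() {
    [ "$(resolved_target "$1")" = "$(readlink -f "$2")" ]
}

demo() {
    dir=$(mktemp -d) || return 1
    : > "$dir/secret_file"
    # Absolute target, as in the first command of the message.
    ln -s "$dir/secret_file" "$dir/abs_link"
    # Relative target created from inside the directory, as in the second.
    ( cd "$dir" && ln -s secret_file rel_link )
    for l in abs_link rel_link; do
        printf '%s: stored=%s resolved=%s\n' "$l" \
            "$(stored_target "$dir/$l")" "$(resolved_target "$dir/$l")"
        if matches_protected "$dir/$l" "$dir/secret_file"; then
            printf '  resolves to the protected file\n'
        fi
    done
    rm -rf "$dir"
}

demo
```
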