Hello.
Various features in TOMOYO 1.7 will become available in TOMOYO 2.3 for
Linux 2.6.36 .
(1) File access control (create,chmod,chown etc.) will be able to check numeric
parameters. For example:
2.6.30-2.6.35:
allow_create /tmp/file
2.6.36:
allow_create /tmp/file 0600
(2) To help specifying pathname ranges, "path_group" keyword will be added to
TOMOYO 2.2 for Linux 2.6.35 . To help specifying numeric value ranges,
"number_group" keyword will be added to TOMOYO 2.3 for Linux 2.6.36 .
allow_create @path_group1 @number_group1
(3) Interactive enforcing mode will be added.
/sys/kernel/security/tomoyo/query and /usr/sbin/tomoyo-queryd
(4) Longer pathname support will be added.
Pathnames longer than 4000 bytes are supported.
(5) Program aggregation will be added.
aggregator
(6) Profile structure will become per operation basis.
0-CONFIG::file::open={ mode=learning }
0-CONFIG::file::execute={ mode=enforcing }
Thanks.
_______________________________________________
tomoyo-users-en mailing list
[email protected]
http://lists.sourceforge.jp/mailman/listinfo/tomoyo-users-en
