Re: [RFC] TOMOYO Linux released!

From: Bill Davidsen
Date: Fri Dec 23 2005 - 10:34:06 EST


Tetsuo Handa wrote:
Hello,

Rik van Riel wrote:

Why does the Tomoyo patch have its own hooks in various
places sitting right next to the LSM hooks?

There are two reasons.

One is to support both 2.4 kernels and 2.6 kernels.

The other is some parameters are missing for TOMOYO Linux.
TOMOYO needs "struct vfsmnt" parameter to calculate realpath(2),
but this parameter is unavailable after entering into
the vfs functions (for example, vfs_mknod()) and
unable to use (for example, security_inode_mknod()).

Also not all hooks needed for TOMOYO Linux are provided by LSM.
For example, a hook for SAKURA_MayAutobind() is not provided by LSM.



By the way, the kickstart guide is now available at
http://tomoyo.sourceforge.jp/en/kickstart/ .

If you have private questions, you can send mails to
tomoyo-support _at_ lists.sourceforge.jp .

Hopefully most questions will stay here until people have a chance to get general questions answered. This is interesting stuff, although I suspect that the main goal was safe operation of authorized users on the machine, rather than protection of servers. It appears to have benefits for servers as well, of course.
--
-bill davidsen (davidsen@xxxxxxx)
"The secret to procrastination is to put things off until the
last possible moment - but no longer" -me