Core changes for TOMOYO 2.4 has been accepted. Syntax will look similar to TOMOYO 1.8.2. Please note that policy files for TOMOYO 2.3 are not reusable in TOMOYO 2.4 due to syntax changes (e.g. "allow_rewrite" was removed and "file append" was introduced). I'll try to propose conditional ACL (access restriction based on process's UID etc.). I'll start preparing documentation for TOMOYO 2.4. Basically, the usage is same with TOMOYO 1.8.2, except that (1) several features/functionality in TOMOYO 1.8.2 are missing (2) userland tool's prefix is tomoyo- rather than ccs- (3) policy interface is /sys/kernel/security/tomoyo/ rather than /proc/ccs/ (4) policy file location is /etc/tomoyo/ rather than /etc/ccs/ tomoyo-tools for TOMOYO 2.4 (though it includes code for features/functionality which will not be in Linux 3.1) is available at http://sourceforge.jp/projects/tomoyo/svn/view/trunk/2.4.x/tomoyo-tools.tar.gz?root=tomoyo&view=tar Regards.
TOMOYO
Fork