15 Sep, 2011
1 commit
-
Tell userland tools that this is TOMOYO 2.5.
Signed-off-by: Tetsuo Handa
Signed-off-by: James Morris
14 Sep, 2011
2 commits
-
This patch adds support for permission checks for PF_INET/PF_INET6/PF_UNIX
socket's bind()/listen()/connect()/send() operations.Signed-off-by: Tetsuo Handa
Signed-off-by: James Morris -
This patch adds support for checking environment variable's names.
Although TOMOYO already provides ability to check argv[]/envp[] passed to
execve() requests,file execute /bin/sh exec.envp["LD_LIBRARY_PATH"]="bar"
will reject execution of /bin/sh if environment variable LD_LIBRARY_PATH is not
defined. To grant execution of /bin/sh if LD_LIBRARY_PATH is not defined,
administrators have to specify likefile execute /bin/sh exec.envp["LD_LIBRARY_PATH"]="/system/lib"
file execute /bin/sh exec.envp["LD_LIBRARY_PATH"]=NULL. Since there are many environment variables whereas conditional checks are
applied as "&&", it is difficult to cover all combinations. Therefore, this
patch supports conditional checks that are applied as "||", by specifying likefile execute /bin/sh
misc env LD_LIBRARY_PATH exec.envp["LD_LIBRARY_PATH"]="/system/lib"which means "grant execution of /bin/sh if environment variable is not defined
or is defined and its value is /system/lib".Signed-off-by: Tetsuo Handa
Signed-off-by: James Morris
11 Jul, 2011
1 commit
-
This patch adds support for permission checks using current thread's UID/GID
etc. in addition to pathnames.Signed-off-by: Tetsuo Handa
Signed-off-by: James Morris
29 Jun, 2011
2 commits
-
To be able to start using enforcing mode from the early stage of boot sequence,
this patch adds support for built-in policy configuration (and next patch adds
support for activating access control without calling external policy loader
program).Signed-off-by: Tetsuo Handa
Signed-off-by: James Morris -
Add /sys/kernel/security/tomoyo/audit interface. This interface generates audit
logs in the form of domain policy so that /usr/sbin/tomoyo-auditd can reuse
audit logs for appending to /sys/kernel/security/tomoyo/domain_policy
interface.Signed-off-by: Tetsuo Handa
Signed-off-by: James Morris
02 Aug, 2010
4 commits
-
Use common code for "path_group" and "number_group".
Signed-off-by: Tetsuo Handa
Signed-off-by: James Morris -
security/tomoyo/common.c became too large to read.
Signed-off-by: Tetsuo Handa
Signed-off-by: James Morris -
mount(2) has three string and one numeric parameters.
Split mount restriction code from security/tomoyo/file.c .Signed-off-by: Tetsuo Handa
Signed-off-by: James Morris -
This patch adds numeric values grouping support, which is useful for grouping
numeric values such as file's UID, DAC's mode, ioctl()'s cmd number.Signed-off-by: Tetsuo Handa
Signed-off-by: James Morris
17 May, 2010
1 commit
-
This patch adds pathname grouping support, which is useful for grouping
pathnames that cannot be represented using /\{dir\}/ pattern.Signed-off-by: Tetsuo Handa
Signed-off-by: James Morris
15 Feb, 2010
1 commit
-
This patch adds garbage collector support to TOMOYO.
Elements are protected by "struct srcu_struct tomoyo_ss".Signed-off-by: Tetsuo Handa
Acked-by: Serge Hallyn
Signed-off-by: James Morris
12 Feb, 2009
1 commit
-
TOMOYO uses LSM hooks for pathname based access control and securityfs support.
Signed-off-by: Kentaro Takeda
Signed-off-by: Tetsuo Handa
Signed-off-by: James Morris
