08 Apr, 2015
3 commits
-
The Makefile automatically generates the tomoyo policy files, which are
not removed by make clean (because they could have been provided by the
user). Instead of generating the missing files, use /dev/null if a
given file is not provided. Store the default exception_policy in
exception_policy.conf.default.Acked-by: Tetsuo Handa
Signed-off-by: Michal Marek -
Combine the generation of builtin-policy.h into a single command and use
if_changed, so that the file is regenerated each time the command
changes. The next patch will make use of this.Acked-by: Tetsuo Handa
Signed-off-by: Michal Marek -
Simplify the Makefile by using a readily available tool instead of a
custom sed script. The downside is that builtin-policy.h becomes
unreadable for humans, but it is only a generated file.Acked-by: Tetsuo Handa
Signed-off-by: Michal Marek
15 Sep, 2011
1 commit
-
Tell userland tools that this is TOMOYO 2.5.
Signed-off-by: Tetsuo Handa
Signed-off-by: James Morris
14 Sep, 2011
2 commits
-
This patch adds support for permission checks for PF_INET/PF_INET6/PF_UNIX
socket's bind()/listen()/connect()/send() operations.Signed-off-by: Tetsuo Handa
Signed-off-by: James Morris -
This patch adds support for checking environment variable's names.
Although TOMOYO already provides ability to check argv[]/envp[] passed to
execve() requests,file execute /bin/sh exec.envp["LD_LIBRARY_PATH"]="bar"
will reject execution of /bin/sh if environment variable LD_LIBRARY_PATH is not
defined. To grant execution of /bin/sh if LD_LIBRARY_PATH is not defined,
administrators have to specify likefile execute /bin/sh exec.envp["LD_LIBRARY_PATH"]="/system/lib"
file execute /bin/sh exec.envp["LD_LIBRARY_PATH"]=NULL. Since there are many environment variables whereas conditional checks are
applied as "&&", it is difficult to cover all combinations. Therefore, this
patch supports conditional checks that are applied as "||", by specifying likefile execute /bin/sh
misc env LD_LIBRARY_PATH exec.envp["LD_LIBRARY_PATH"]="/system/lib"which means "grant execution of /bin/sh if environment variable is not defined
or is defined and its value is /system/lib".Signed-off-by: Tetsuo Handa
Signed-off-by: James Morris
11 Jul, 2011
1 commit
-
This patch adds support for permission checks using current thread's UID/GID
etc. in addition to pathnames.Signed-off-by: Tetsuo Handa
Signed-off-by: James Morris
29 Jun, 2011
2 commits
-
To be able to start using enforcing mode from the early stage of boot sequence,
this patch adds support for built-in policy configuration (and next patch adds
support for activating access control without calling external policy loader
program).Signed-off-by: Tetsuo Handa
Signed-off-by: James Morris -
Add /sys/kernel/security/tomoyo/audit interface. This interface generates audit
logs in the form of domain policy so that /usr/sbin/tomoyo-auditd can reuse
audit logs for appending to /sys/kernel/security/tomoyo/domain_policy
interface.Signed-off-by: Tetsuo Handa
Signed-off-by: James Morris
02 Aug, 2010
4 commits
-
Use common code for "path_group" and "number_group".
Signed-off-by: Tetsuo Handa
Signed-off-by: James Morris -
security/tomoyo/common.c became too large to read.
Signed-off-by: Tetsuo Handa
Signed-off-by: James Morris -
mount(2) has three string and one numeric parameters.
Split mount restriction code from security/tomoyo/file.c .Signed-off-by: Tetsuo Handa
Signed-off-by: James Morris -
This patch adds numeric values grouping support, which is useful for grouping
numeric values such as file's UID, DAC's mode, ioctl()'s cmd number.Signed-off-by: Tetsuo Handa
Signed-off-by: James Morris
17 May, 2010
1 commit
-
This patch adds pathname grouping support, which is useful for grouping
pathnames that cannot be represented using /\{dir\}/ pattern.Signed-off-by: Tetsuo Handa
Signed-off-by: James Morris
15 Feb, 2010
1 commit
-
This patch adds garbage collector support to TOMOYO.
Elements are protected by "struct srcu_struct tomoyo_ss".Signed-off-by: Tetsuo Handa
Acked-by: Serge Hallyn
Signed-off-by: James Morris
12 Feb, 2009
1 commit
-
TOMOYO uses LSM hooks for pathname based access control and securityfs support.
Signed-off-by: Kentaro Takeda
Signed-off-by: Tetsuo Handa
Signed-off-by: James Morris