TOMOYO Linux is a Mandatory Access Control (MAC) implementation for Linux that can be used to increase the security of a system, while also being useful purely as a system analysis tool. It was launched in March 2003 and had been sponsored by NTT DATA Corporation, Japan until March 2012.
TOMOYO Linux focuses on the behaviour of a system. Every process is created to achieve a purpose, and like an immigration officer, TOMOYO Linux allows each process to declare behaviours and resources needed to achieve their purpose. When protection is enabled, TOMOYO Linux acts like an operation watchdog, restricting each process to only the behaviours and resources allowed by the administrator.
@ Merge tomoyo_connect.c and tomoyo_bind.c into tomoyo_port.c
I merged these files that have only difference CONNECT and BIND,
that are likely to be enabled both or neither.
@ Add CONFIG_TOMOYO_AUDIT option.
I made auditing functions as optional because some Linux boxes
may have not enough disk space to store audit logs.
@ Support use of symbolic links for program execution.
Until now, domains for programs executed by dereferencing
symbolic links were defined using dereferenced pathnames.
This was inconvenient for some Linux boxes who use busybox but
can't keep hard links of busybox.
I introduced a mechanism to allow using pathnames of
symbolic links using 'alias' directive.
'alias /sbin/busybox /bin/ls' to run /bin/ls
(which is a symbolic link to /sbin/busybox) as /bin/ls
if /bin/ls is executed.
'alias /bin/bash /bin/sh' to run /bin/sh
(which is a symbolic link to /bin/bash) as /bin/sh
if /bin/sh is executed.
@ Use ccs_alloc() instead of kzalloc().
To detect memory leaks,
I added a wrapper for tracing kmalloc() and kfree().
There is no way to detect memory leaks caused by ccs-*.txt .
Version 1.1.3 2006/07/13 Functionality enhancement release.