TOMOYO Linux
| TOMOYO Linux | |
|---|---|
| Basic data
|
|
| developer | NTT data |
| Publishing year | 2005 |
| operating system | Linux |
| programming language | C ++ |
| category | Mandatory Access Control |
| License | GPL v2 |
| http://tomoyo.osdn.jp/ | |
TOMOYO Linux is a mandatory access control system for Linux . This is not, as the name suggests, a Linux distribution , but an operating system extension. TOMOYO Linux has been in development since 2003 and was sponsored by NTT Data until March 2012 .
TOMOYO stands for Task Oriented Management Obviates Your Onus on Linux ("task-oriented management reduces burdens on Linux").
functionality
Like SELinux , TOMOYO uses the LSM interface. It runs as a kernel module and directly controls the access rights of the individual processes at the highest system level. This preventive protection is intended to protect applications from unknown security holes, so-called zero-day exploits . Which access a program needs in order to work normally is determined by profiles with individual security guidelines. Prefabricated profiles are supplied for standard software used on a GNU / Linux system. Users and system administrators can also create their own profiles for applications. Another possibility is to use adaptive filters while a program is in normal operation.
Web links
- TOMOYO Linux project
- TOMOYO Linux at Embedded Linux Wiki
- LWN: TOMOYO Linux and pathname-based security
- Tomoyo - Debian Wiki
- TOMOYO Linux - ArchWiki