TOMOYO Linux
| File:TOMOYOLinux penguin.png | |
| Original author(s) | NTT Data Corporation |
|---|---|
| Operating system | Linux |
| Type | Mandatory Access Control |
| License | GPL v2 |
| Website | tomoyo |
TOMOYO Linux is a Linux kernel security module which implements Mandatory access control (MAC).
Contents
Overview
TOMOYO, named for a famous animation character, is a MAC implementation for Linux that can be used to increase the security of a system, while also being useful purely as a systems analysis tool. It was launched in March 2003 and was sponsored by NTT Data Corporation until March 2012.[1]
TOMOYO Linux focuses on system behavior. TOMOYO Linux allows each process to declare behaviours and resources needed to achieve their purpose. When protection is enabled, TOMOYO Linux acts restricts each process to the behaviors and resources allowed by the administrator.
Features
The main features of TOMOYO Linux include:
- System analysis
- Increased security through Mandatory Access Control
- Automatic policy generation
- Simple syntax
- Ease of use
History and versions
TOMOYO was merged in Linux Kernel mainline version 2.6.30 (2009, June 10)/[2] It is currently one of four standard LSM modules, along with SELinux, AppArmor and SMACK.
The TOMOYO Linux project started as a patch for the Linux kernel to provide MAC. Porting TOMOYO Linux to the mainline Linux kernel required the introduction of hooks[3] into the Linux Security Modules (LSM) that had been designed and developed specifically to support SELinux and its label-based approach.
However, more hooks are needed to integrate the remaining MAC functionality of TOMOYO Linux. Consequently, the project is following two parallel development lines:
Column-generating template families
The templates listed here are not interchangeable. For example, using {{col-float}} with {{col-end}} instead of {{col-float-end}} would leave a HTML "div" (division) open, potentially harming any subsequent formatting.
| Type | Family |
Handles wiki
table code?  |
Responsive/ Mobile suited |
Start template | Column divider | End template |
|---|---|---|---|---|---|---|
| Float | "Col-float" | Yes | Yes | {{Col-float}} | {{Col-float-break}} | {{Col-float-end}} |
| "Columns-start" | Yes | Yes | {{Columns-start}} | {{Column}} | {{Columns-end}} | |
| Columns | "Div col" | Yes | Yes | {{Div col}} | – | {{Div col end}} |
| "Columns-list" | No | Yes | {{Columns-list}} (wraps div col) | – | – | |
| Flexbox | "Flex columns" | No | Yes | {{Flex columns}} | – | – |
| Table | "Col" | Yes | No | {{Col-begin}}, {{Col-begin-fixed}} or {{Col-begin-small}} |
{{Col-break}} or {{Col-2}} .. {{Col-5}} |
{{Col-end}} |
Can template handle the basic wiki markup {| | || |- |} used to create tables? If not, special templates that produce these elements (such as {{(!}}, {{!}}, {{!!}}, {{!-}}, {{!)}})—or HTML tags (<table>...</table>, <tr>...</tr>, etc.)—need to be used instead.
See also
References
External links
- Comparison chart of 1.x and 2.x
- Comparison chart of TOMOYO 1.x, 2.x, and AKARI
- TOMOYO Linux project
- TOMOYO Linux at Embedded Linux Wiki
- LWN : TOMOYO Linux and pathname-based security
- Tomoyo – Debian Wiki
- TOMOYO Linux – ArchWiki
| Organization |
|
||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Technical |
|
||||||||||||||||||||||||||
| Linux adoption |
|
||||||||||||||||||||||||||
| People | |||||||||||||||||||||||||||
