Re: [RFC] TOMOYO Linux released!

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Bill Davidsen <davidsen@tmr.com>
To: Tetsuo Handa <from-kernelnewbies@I-love.sakura.ne.jp>
Cc: arjan@infradead.org, linux-kernel@vger.kernel.org,
	kernelnewbies@nl.linux.org
Subject: Re: [RFC] TOMOYO Linux released!
Date: Fri, 23 Dec 2005 10:35:30 -0500	[thread overview]
Message-ID: <43AC1942.2010707@tmr.com> (raw)
In-Reply-To: <200512231338.FBF16755.TJLXFMSNOGtFSFFCOP@I-love.sakura.ne.jp>

Tetsuo Handa wrote:
> Hello,
> 
> Rik van Riel wrote:
> 
>>Why does the Tomoyo patch have its own hooks in various
>>places sitting right next to the LSM hooks?
> 
> There are two reasons.
> 
> One is to support both 2.4 kernels and 2.6 kernels.
> 
> The other is some parameters are missing for TOMOYO Linux.
> TOMOYO needs "struct vfsmnt" parameter to calculate realpath(2),
> but this parameter is unavailable after entring into
> the vfs functions (for example, vfs_mknod()) and
> unable to use (for example, security_inode_mknod()).
> 
> Also not all hooks needed for TOMOYO Linux are provided by LSM.
> For example, a hook for SAKURA_MayAutobind() is not provided by LSM.
> 
> 
> 
> By the way, the kickstart guide is now available at
> http://tomoyo.sourceforge.jp/en/kickstart/ .
> 
> If you have private questions, you can send mails to
> tomoyo-support _at_ lists.sourceforge.jp .

Hopefully most questionss will stay here until people have a chance to 
get general questions answered. This is interesting stuff, although I 
suspect that the main goal was safe operation of authorized users on the 
machine, rather than protection of servers. It appears to have benefits 
for servers as well, of course.
-- 
    -bill davidsen (davidsen@tmr.com)
"The secret to procrastination is to put things off until the
  last possible moment - but no longer"  -me

next prev parent reply	other threads:[~2005-12-23 15:35 UTC|newest]

Thread overview: 7+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2005-12-21 11:21 [RFC] TOMOYO Linux released! Tetsuo Handa
2005-12-21 11:33 ` Arjan van de Ven
2005-12-21 12:12   ` Tetsuo Handa
2005-12-22 23:09     ` Rik van Riel
2005-12-23  4:38       ` Tetsuo Handa
2005-12-23 15:35         ` Bill Davidsen [this message]
2005-12-21 22:16   ` Ingo Oeser

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=43AC1942.2010707@tmr.com \
    --to=davidsen@tmr.com \
    --cc=arjan@infradead.org \
    --cc=from-kernelnewbies@I-love.sakura.ne.jp \
    --cc=kernelnewbies@nl.linux.org \
    --cc=linux-kernel@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.