Your SlideShare is downloading. ×
  • Like
Tomoyo linux introduction
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×

Now you can save presentations on your phone or tablet

Available for both IPhone and Android

Text the download link to your phone

Standard text messaging rates apply

Tomoyo linux introduction

  • 1,084 views
Published

 

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
    Be the first to like this
No Downloads

Views

Total Views
1,084
On SlideShare
0
From Embeds
0
Number of Embeds
0

Actions

Shares
Downloads
17
Comments
0
Likes
0

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. Introduction ofTOMOYO Linux
    September 2010
    TOMOYO Linux project
  • 2. TOMOYO Linux as a “Linux system analyze tool”
    Part 1
  • 3. TOMOYO Linux is an extension of Linux kernel (it’s not a Linux distribution)
    TOMOYO Linux add a “process tracing capability” to your Linux environment
    “process tracing capability”
    What is TOMOYO Linux?
  • 4. It is a capability to store “how a process has been created”
    For instance, if you logged in via ssh and get a /bin/bash session, that bash session is stored as follows:
    “<kernel> /sbin/init /bin/sh /etc/rc.d/rc /etc/rc.d/init.d/sshd /usr/sbin/sshd /usr/sbin/sshd/bin/bash”
    What is “process tracing capability”?
  • 5. If you logged in through a console
    “<kernel> /sbin/init /bin/sh /sbin/mingetty /bin/login /bin/bash”
    “<kernel>” is just a symbol to indicated the starting point, and each program names just follow with space as a separator
  • 6. If TOMOYO Linux is enabled
    “process invocation history” information is automatically stored
    you can see how each process has been created
    You can browse the entire process invocation history by using a TOMOYO Linux policy editor (it’s CUI)
    So what?
  • 7. Fedora 13
  • 8. Fedora 13 (firefox)
  • 9. Log in as a root
    execute “ccs-editpolicy”
    Total numbers of different “process invocation history” patterns is displayed like “601 domains”
    Use cursor key to go up/down
    How to use the TOMOYO Linuxpolicy editor
  • 10. TOMOYO Linux monitors actions caused for each “process invocation history” pattern
    To see them, simply select the line and hit enter key
  • 11. Fedora 13 (firefox)
  • 12. You need to install TOMOYO Linux kernel and TOMOYO Linux tools
    We are maintaining TOMOYO Linux kernel and tools repositoriesfor users’ convenience
    Kernel patches and tools source code are available, too
    Project homepage has everything you need
    http://tomoyo.sourceforge.jp/
    How to use TOMOYO Linux
  • 13. TOMOYO Linux as a “security tool”
    Part 2
  • 14. Demo movie
  • 15. Q and A