Tomoyo linux introduction
Upcoming SlideShare
Loading in...5
×
 

Tomoyo linux introduction

on

  • 1,312 views

 

Statistics

Views

Total Views
1,312
Views on SlideShare
1,312
Embed Views
0

Actions

Likes
0
Downloads
17
Comments
0

0 Embeds 0

No embeds

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

    Tomoyo linux introduction Tomoyo linux introduction Presentation Transcript

    • Introduction ofTOMOYO Linux
      September 2010
      TOMOYO Linux project
    • TOMOYO Linux as a “Linux system analyze tool”
      Part 1
    • TOMOYO Linux is an extension of Linux kernel (it’s not a Linux distribution)
      TOMOYO Linux add a “process tracing capability” to your Linux environment
      “process tracing capability”
      What is TOMOYO Linux?
    • It is a capability to store “how a process has been created”
      For instance, if you logged in via ssh and get a /bin/bash session, that bash session is stored as follows:
      “<kernel> /sbin/init /bin/sh /etc/rc.d/rc /etc/rc.d/init.d/sshd /usr/sbin/sshd /usr/sbin/sshd/bin/bash”
      What is “process tracing capability”?
    • If you logged in through a console
      “<kernel> /sbin/init /bin/sh /sbin/mingetty /bin/login /bin/bash”
      “<kernel>” is just a symbol to indicated the starting point, and each program names just follow with space as a separator
    • If TOMOYO Linux is enabled
      “process invocation history” information is automatically stored
      you can see how each process has been created
      You can browse the entire process invocation history by using a TOMOYO Linux policy editor (it’s CUI)
      So what?
    • Fedora 13
    • Fedora 13 (firefox)
    • Log in as a root
      execute “ccs-editpolicy”
      Total numbers of different “process invocation history” patterns is displayed like “601 domains”
      Use cursor key to go up/down
      How to use the TOMOYO Linuxpolicy editor
    • TOMOYO Linux monitors actions caused for each “process invocation history” pattern
      To see them, simply select the line and hit enter key
    • Fedora 13 (firefox)
    • You need to install TOMOYO Linux kernel and TOMOYO Linux tools
      We are maintaining TOMOYO Linux kernel and tools repositoriesfor users’ convenience
      Kernel patches and tools source code are available, too
      Project homepage has everything you need
      http://tomoyo.sourceforge.jp/
      How to use TOMOYO Linux
    • TOMOYO Linux as a “security tool”
      Part 2
    • Demo movie
    • Q and A