Introduction ofTOMOYO Linux<br />September 2010<br />TOMOYO Linux project<br />
TOMOYO Linux as a “Linux system analyze tool”<br />Part 1<br />
TOMOYO Linux is an extension of Linux kernel (it’s not a Linux distribution)<br />TOMOYO Linux add a “process tracing capa...
It is a capability to store “how a process has been created”<br />For instance, if you logged in via ssh and get a /bin/ba...
If you logged in through a console<br />“<kernel>  /sbin/init  /bin/sh  /sbin/mingetty  /bin/login  /bin/bash”<br />“<kern...
If TOMOYO Linux is enabled<br />“process invocation history” information is automatically stored<br />you can see how each...
Fedora 13<br />
Fedora 13 (firefox)<br />
Log in as a root<br />execute “ccs-editpolicy”<br />Total numbers of different “process invocation history” patterns is di...
TOMOYO Linux monitors actions caused for each “process invocation history” pattern<br />To see them, simply select the lin...
Fedora 13 (firefox)<br />
You need to install TOMOYO Linux kernel and TOMOYO Linux tools<br />We are maintaining TOMOYO Linux kernel and tools repos...
TOMOYO Linux as a “security tool”<br />Part 2<br />
Demo movie<br />
Q and A<br />
Upcoming SlideShare
Loading in...5
×

Tomoyo linux introduction

1,139

Published on

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
1,139
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
18
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Tomoyo linux introduction

  1. 1. Introduction ofTOMOYO Linux<br />September 2010<br />TOMOYO Linux project<br />
  2. 2. TOMOYO Linux as a “Linux system analyze tool”<br />Part 1<br />
  3. 3. TOMOYO Linux is an extension of Linux kernel (it’s not a Linux distribution)<br />TOMOYO Linux add a “process tracing capability” to your Linux environment<br />“process tracing capability”<br />What is TOMOYO Linux?<br />
  4. 4. It is a capability to store “how a process has been created”<br />For instance, if you logged in via ssh and get a /bin/bash session, that bash session is stored as follows:<br />“<kernel> /sbin/init /bin/sh /etc/rc.d/rc /etc/rc.d/init.d/sshd /usr/sbin/sshd /usr/sbin/sshd/bin/bash”<br />What is “process tracing capability”?<br />
  5. 5. If you logged in through a console<br />“<kernel> /sbin/init /bin/sh /sbin/mingetty /bin/login /bin/bash”<br />“<kernel>” is just a symbol to indicated the starting point, and each program names just follow with space as a separator<br />
  6. 6. If TOMOYO Linux is enabled<br />“process invocation history” information is automatically stored<br />you can see how each process has been created<br />You can browse the entire process invocation history by using a TOMOYO Linux policy editor (it’s CUI)<br />So what?<br />
  7. 7. Fedora 13<br />
  8. 8. Fedora 13 (firefox)<br />
  9. 9. Log in as a root<br />execute “ccs-editpolicy”<br />Total numbers of different “process invocation history” patterns is displayed like “601 domains”<br />Use cursor key to go up/down<br />How to use the TOMOYO Linuxpolicy editor<br />
  10. 10. TOMOYO Linux monitors actions caused for each “process invocation history” pattern<br />To see them, simply select the line and hit enter key<br />
  11. 11. Fedora 13 (firefox)<br />
  12. 12. You need to install TOMOYO Linux kernel and TOMOYO Linux tools<br />We are maintaining TOMOYO Linux kernel and tools repositoriesfor users’ convenience<br />Kernel patches and tools source code are available, too<br />Project homepage has everything you need<br />http://tomoyo.sourceforge.jp/<br />How to use TOMOYO Linux<br />
  13. 13. TOMOYO Linux as a “security tool”<br />Part 2<br />
  14. 14. Demo movie<br />
  15. 15. Q and A<br />
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×