[tomoyo-dev-en 126] Re: Updated website

Tetsuo Handa from-****@I-lov*****
Sat Feb 5 20:58:51 JST 2011


Jamie Nguyen wrote:
> Thanks. I still don't completely understand though so let me try to
> clarify. So in the example above, we are in the "<kernel>
> /usr/sbin/httpd" domain. We will switch to "<kernel> //apache
> /www.tomoyo00.com" domain if we write that to "/proc/ccs/self_domain".
> So I can then do "(add) <kernel> //apache /www.tomoyo00.com" in Domain
> Transition Editor and manage ACLs here. We need the preceding "/" for
> /www.tomoyo00.com because all domains must start with "/" even though
> there is no such file/directory...this is just a fictional/arbitrary
> domain so that ACLs can be split. The "//apache" part (with preceding
> "//") is again just another fictional/arbitrary domain (with no
> filesystem equivalent) that we can use to split ACLs.
> 
> Is this correct?

All correct. If TOMOYO permits a domainname like

  <kernel> //apache /www.tomoyo00.com path1.uid=0

TOMOYO will be unable to determine which one the user meant.

(a) domain:    <kernel> //apache /www.tomoyo00.com
    condition: path1.uid=0

(b) domain:    <kernel> //apache /www.tomoyo00.com path1.uid=0
    condition: none

Thus, TOMOYO asks the user to start with / when representing a program's
pathname.
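
The ambiguity described above, as an added example that is not part of the original post and is not TOMOYO's own parser. It assumes a simplified model in which a line is whitespace-separated tokens and a condition is any `key=value` token; the function names are hypothetical.

```python
# Simplified model (assumption): tokens are whitespace-separated and a
# condition is any token of the form key=value. Not TOMOYO's real grammar.
ROOT = "<kernel>"

def looks_like_condition(tok):
    key, sep, value = tok.partition("=")
    return bool(key and sep and value)

def readings_without_rule(line):
    """All (domain, condition) readings if a domain component may be any token."""
    toks = line.split()
    if not toks or toks[0] != ROOT:
        raise ValueError("domainname must start with " + ROOT)
    # Trailing key=value tokens could be conditions or domain components.
    n = 0
    while n < len(toks) - 1 and looks_like_condition(toks[len(toks) - 1 - n]):
        n += 1
    readings = []
    for k in range(n, -1, -1):  # k trailing tokens read as the condition
        cut = len(toks) - k
        readings.append((" ".join(toks[:cut]), " ".join(toks[cut:]) or None))
    return readings

def split_with_rule(line):
    """Single reading when every domain component must start with '/'."""
    toks = line.split()
    if not toks or toks[0] != ROOT:
        raise ValueError("domainname must start with " + ROOT)
    cut = 1
    while cut < len(toks) and toks[cut].startswith("/"):
        cut += 1
    rest = toks[cut:]
    for tok in rest:
        if not looks_like_condition(tok):
            raise ValueError("neither a /pathname nor a condition: %r" % tok)
    return " ".join(toks[:cut]), " ".join(rest) or None

if __name__ == "__main__":
    sample = "<kernel> //apache /www.tomoyo00.com path1.uid=0"  # line from the post
    for domain, cond in readings_without_rule(sample):
        print("ambiguous:", repr(domain), "| condition:", cond)
    print("with rule:", split_with_rule(sample))
```
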



