Jamie Nguyen
jamie****@tomoy*****
Mon Nov 7 16:04:58 JST 2011
Tetsuo Handa wrote: > Since openSUSE 12.1 RC2 was released and tomoyo-tools-2.4 became installable > from repository, I refreshed kickstarting movie. Would you review below speech > text at http://sourceforge.jp/projects/tomoyo/svn/view/branches/suse12.1.txt?view=markup&revision=HEAD&root=tomoyo ? > > In this movie, I omitted explanation of version 1.x/2.x difference. Also, I > avoided use of the terminology "Mandatory Access Control" because it might > needlessly give readers sense of fear that MAC is something too difficult to > manage. Since this movie was recorded realtime, there is a long blank upon > rebooting. If you have more text to explain in the blank time, feel free to > edit. This text will be reused when recording kickstarting on Ubuntu 12.04. Perhap something like: You've finished all preparations. Now, reboot the system so that TOMOYO Linux can start analysing. In order to enable TOMOYO Linux, add security equals tomoyo. The system is booting like normal Linux. But in the background, TOMOYO Linux is recording access requests occurred in the system. Every application is placed into a separate domain. TOMOYO Linux records what programs were executed, what files were read, what files were written, for each domain. You can record access requests occurred in the system using learning mode and restrict access requests occurred in the system using enforcing mode. Each domain can have different access requests and different profiles, to allow for fine grained control.
TOMOYO
Fork