TOMOYO
ForkUser-visible changes regarding TOMOYO 1.8 since last report: I removed verbose=
option which controls whether or not to print policy violation warning messages
when policy violation occurred. Instead, to be able to know whether policy
violation occurred or not, I added /proc/ccs/stat interface. You can check
whether any policy violation has occurred or not by reading /proc/ccs/stat and
check what the policy violation was by reading /proc/ccs/reject_log . Also,
file_pattern keyword support was removed. Converting pathnames using wildcards
will be done in the userspace.
Currently, TOMOYO distinguishes whether a pathname refers a directory or not
by whether that pathname ends with '/' or not. This is legacy of TOMOYO when
there were only read/write/execute permissions (using 4 2 1 respectively).
Therefore, for example, to allow renaming all files and directories under
home directories, you have to specify separately like
file rename /home/\{\*\}/ /home/\{\*\}/
file rename /home/\{\*\}/\* /home/\{\*\}/\*
.
But nowadays, you can add conditions like path1.type=directory as needed.
Therefore, I think it is fine to remove distinction by trailing '/' and
aggregate like
file rename /home/\{\*\}/\* /home/\{\*\}/\*
. You can specify like
file rename /home/\{\*\}/\* /home/\{\*\}/\* path1.type!=directory path2.type!=directory
if you want to forbid renaming directories.
Removing distinction by trailing '/' has a side effect. Until now, you were
able to specify like
file mkdir /home/\{\*\}/
but you will have to explicitly specify basename part like
file mkdir /home/\{\*\}/\*
if this distinction is removed.
Is it acceptable for you to remove this distinction in TOMOYO 1.8?
Please reply if you have problems with removing this distinction.
If no objections, I will remove this distinction in order to simplify code.
Regards.