名称 | 大小 | Rev. | 时间 | 作者 | Log Message |
---|---|---|---|---|---|
tomoyo2c.c | 794 | r248 | 2011-06-04 11:57:38 | kumaneko | |
README | 3.5 k | r268 | 2011-06-19 17:10:29 | kumaneko | |
signal.c | 4.95 k | r268 | 2011-06-19 17:10:29 | kumaneko | |
util.c | 28.31 k | r268 | 2011-06-19 17:10:29 | kumaneko | |
policy | r248 | 2011-06-04 11:57:38 | kumaneko | ||
file.c | 44.73 k | r268 | 2011-06-19 17:10:29 | kumaneko | |
environ.c | 2.92 k | r268 | 2011-06-19 17:10:29 | kumaneko | |
internal.h | 58.17 k | r268 | 2011-06-19 17:10:29 | kumaneko | |
capability.c | 4.18 k | r269 | 2011-06-20 12:30:08 | kumaneko | |
proc_if.c | 9.29 k | r268 | 2011-06-19 17:10:29 | kumaneko | |
ccsecurity.h | 21.2 k | r268 | 2011-06-19 17:10:29 | kumaneko | |
condition.c | 25.87 k | r268 | 2011-06-19 17:10:29 | kumaneko | |
policy_io.c | 81.06 k | r268 | 2011-06-19 17:10:29 | kumaneko | |
COPYING | 17.57 k | r18 | 2010-10-08 16:26:01 | kumaneko | |
gc.c | 25.9 k | r268 | 2011-06-19 17:10:29 | kumaneko | |
network.c | 30.85 k | r268 | 2011-06-19 17:10:29 | kumaneko | |
lsm.c | 76 k | r268 | 2011-06-19 17:10:29 | kumaneko | |
group.c | 5.58 k | r268 | 2011-06-19 17:10:29 | kumaneko | |
Makefile | 1.4 k | r249 | 2011-06-04 12:00:45 | kumaneko | |
load_policy.c | 7.91 k | r268 | 2011-06-19 17:10:29 | kumaneko | |
realpath.c | 14.14 k | r268 | 2011-06-19 17:10:29 | kumaneko | |
mount.c | 7.77 k | r268 | 2011-06-19 17:10:29 | kumaneko | |
autobind.c | 2.54 k | r268 | 2011-06-19 17:10:29 | kumaneko | |
audit.c | 13.65 k | r268 | 2011-06-19 17:10:29 | kumaneko | |
domain.c | 34.37 k | r268 | 2011-06-19 17:10:29 | kumaneko | |
memory.c | 10.34 k | r268 | 2011-06-19 17:10:29 | kumaneko |
Notes for AKARI project AKARI is Access Keeping And Regulating Instrument for Linux 2.6 and later kernels. You can use AKARI for analyzing your system's behavior (i.e. reports which application accesses which resources like strace command does) and optionally restricting your system's behavior (i.e. controls which application can access which resources like TOMOYO/AppArmor does). AKARI is forked from TOMOYO 1.8 and made as a LKM (loadable kernel module) so that you don't need to replace your kernels installed in your system. This patch is released under the GPLv2. Project URL: http://akari.sourceforge.jp/ ChangeLog: Version 1.0 2010/10/10 First release. Version 1.0.1 2010/10/18 Minor update release. Synchronize with TOMOYO revision 4069. Fix off-by-two in ccs_check_unix_address(). Implement post accept() LSM hook. Version 1.0.2 2010/10/25 Minor update release. Synchronize with TOMOYO revision 4090. Add getattr() and readdir() checks. Use "YYYY/MM/DD hh:mm:ss" format for /proc/ccs/ interface. Do not automatically add / for umount(). Version 1.0.3 2010/11/01 Minor update release. Synchronize with TOMOYO revision 4104. Fix pathname handling in ccs_unix_entry(). Version 1.0.4 2010/11/11 Minor update release. Synchronize with TOMOYO 1.8.0 release. Add sysctl() check for 2.6.21 to 2.6.32 kernels. Fix double new_decode_dev() bug for mknod(). Fix keyword typo. Fix build failure on some kernels. Changed pathname prefix priority. Use hash table for faster scan. Updated function comments. Version 1.0.5 2010/11/22 Minor update release. Make ccs_domain_info/ccs_flags inheritable for 2.6.29 and later kernels. Version 1.0.6 2010/12/31 Minor update release. Synchronize with TOMOYO revision 4280. Use same interface for audit logs. Split ccs_null_security into ccs_default_security and ccs_oom_security. Version 1.0.7 2011/01/21 Minor update release. Synchronize with TOMOYO revision 4400. Use filesystem name for unnamed devices when vfsmount is missing. Version 1.0.8 2011/02/07 Minor update release. Synchronize with TOMOYO revision 4545. Fix infinite loop bug when reading /proc/ccs/audit or /proc/ccs/query . Version 1.0.9 2011/02/14 Minor update release. Fix missing permission check for interpreters in 2.6.30 and later kernels. Version 1.0.10 2011/02/15 Minor update release. Fix missing permission check for interpreters in 2.6.23 and earlier kernels. Fix wrong execute permission check and domain transition in 2.6.28 and earlier kernels. Version 1.0.11 2010/04/01 Minor update release. Synchronize with TOMOYO 1.8.1 release. Run garbage collector without waiting for /proc/ccs/ users. Support built-in policy configuration. Remove /proc/ccs/meminfo interface. Pack policy when printing via /proc/ccs/ interface. Fix conditional policy parsing. Serialize updating profile's comment line. Version 1.0.12 2011/04/11 Minor update release. Synchronize with TOMOYO revision 4874. Fix fcntl(F_SETFL, O_APPEND) handling. Version 1.0.13 2011/05/05 Minor update release. Synchronize with TOMOYO revision 4963. Fix wrong profile number in audit logs for "misc env" permission. Version 1.0.14 2011/05/11 Minor update release. Synchronize with TOMOYO revision 4978. Fix wrong domainname validation. Version 1.0.15 2011/06/20 Minor update release. Synchronize with TOMOYO 1.8.2 release. Add policy namespace support.