TOMOYO Linux

Tomoyo Linux is a Mandatory Access Control system for Linux. This is not about a Linux distribution, such as possibly the name suggests. Tomoyo Linux is developed since 2003 and is sponsored by NTT Data with Toshiharu Harada (原田 季 栄) as a project manager.

Tomoyo stands for Task Oriented Management obviates Your Onus on Linux ( " task-oriented management reduces burdens on Linux" ).

Operation

Tomoyo used as SELinux, the LSM interface. It runs as a kernel module and directly controls the access rights of the individual processes at the highest system level. This building protection applications against unknown security holes, so-called zero-day exploits are to be protected. What needs to access a program to work normally, determine profiles with individual security policies. For standard software used on a GNU / Linux system canned profiles are included. Users and system administrators can create custom profiles for applications. Another possibility is the use of adaptive filtering while a program is in normal operation.