On Thu, 14 Jun 2007, Toshiharu Harada wrote:
> TOMOYO Linux has a mode called "learning"
> in addition to "permissive" and "enforce". You can easily
> get the TOMOYO Linux policy with learning mode that
> SELinux does not have.
Blindly generating security policy through observation of the system is
potentially dangerous for many reasons.
See
<http://securityblog.org/brindle/2006/03/25/security-anti-pattern-status-quo-encapsulation/>
Note that while SELinux does also have a similar capability with the
audit2allow tool, it should be considered an expert tool, the output of
which needs to be understood before use (as noted in its man page).
> In addition, access control mode of
> TOMOYO Linux can be managed for every difference domain.
We have considered per-domain enforcing mode a couple of times in the
past, but figured that it could be implemented via policy alone (e.g. run
the task in a domain where all accesses are allowed and logged); and it
would also be of limited usefulness because of the aforementioned problems
with learning mode security policy.
- James
--
James Morris
<[email protected]>
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]
