TOMOYO Linux is a Mandatory Access Control (MAC) implementation for Linux that can be used to increase the security of a system, while also being useful purely as a system analysis tool. It was launched in March 2003 and had been sponsored by NTT DATA Corporation, Japan until March 2012.
TOMOYO Linux focuses on the behaviour of a system. Every process is created to achieve a purpose, and like an immigration officer, TOMOYO Linux allows each process to declare behaviours and resources needed to achieve their purpose. When protection is enabled, TOMOYO Linux acts like an operation watchdog, restricting each process to only the behaviours and resources allowed by the administrator.
In a normal operating system (OS), every application is unmonitored and it is difficult to determine what is happening in a system:
If TOMOYO Linux is introduced, each application can be monitored to determine exactly what it is doing and a policy configuration can be automatically generated. Every action that an application performs is automatically appended to an Access Control List (ACL). Browsing this list can allow a precise understanding of what each application is doing:
TOMOYO Linux can therefore be used as a system analysis tool, which can aid in:
- debugging applications
- understanding the behaviour of a Linux system
- writing documentation
If protection is enabled, TOMOYO Linux uses Mandatory Access Control to restrict each application to do only what the administrator has allowed it to do:
TOMOYO Linux can therefore be used as a system restriction tool, which can aid in:
- restricting services such as SSH and Apache
- restricting system administrator operations
- creating per-application networking firewalls
- reducing damage caused by buffer overflows and other security exploits
- deploying a honeypot system
The video below demonstrates how to initialize, configure and enforce TOMOYO Linux 2.4 on a openSUSE 12.1 system. Experience TOMOYO Linux in only 10 minutes!
The video below demonstrates how to initialize, configure and enforce TOMOYO Linux 2.2 on a Ubuntu 10.04 system. Experience TOMOYO Linux in only 10 minutes!
The videos below demonstrate how to install, initialize, configure and enforce TOMOYO Linux 1.7 on CentOS 5 and Ubuntu 10.04 systems. Experience TOMOYO Linux in only 10 minutes!