Ce diaporama a bien été signalé.
Nous utilisons votre profil LinkedIn et vos données d’activité pour vous proposer des publicités personnalisées et pertinentes. Vous pouvez changer vos préférences de publicités à tout moment.

Tomoyo linux introduction

1 426 vues

Publié le

  • Soyez le premier à commenter

  • Soyez le premier à aimer ceci

Tomoyo linux introduction

  1. 1. Introduction ofTOMOYO Linux<br />September 2010<br />TOMOYO Linux project<br />
  2. 2. TOMOYO Linux as a “Linux system analyze tool”<br />Part 1<br />
  3. 3. TOMOYO Linux is an extension of Linux kernel (it’s not a Linux distribution)<br />TOMOYO Linux add a “process tracing capability” to your Linux environment<br />“process tracing capability”<br />What is TOMOYO Linux?<br />
  4. 4. It is a capability to store “how a process has been created”<br />For instance, if you logged in via ssh and get a /bin/bash session, that bash session is stored as follows:<br />“<kernel> /sbin/init /bin/sh /etc/rc.d/rc /etc/rc.d/init.d/sshd /usr/sbin/sshd /usr/sbin/sshd/bin/bash”<br />What is “process tracing capability”?<br />
  5. 5. If you logged in through a console<br />“<kernel> /sbin/init /bin/sh /sbin/mingetty /bin/login /bin/bash”<br />“<kernel>” is just a symbol to indicated the starting point, and each program names just follow with space as a separator<br />
  6. 6. If TOMOYO Linux is enabled<br />“process invocation history” information is automatically stored<br />you can see how each process has been created<br />You can browse the entire process invocation history by using a TOMOYO Linux policy editor (it’s CUI)<br />So what?<br />
  7. 7. Fedora 13<br />
  8. 8. Fedora 13 (firefox)<br />
  9. 9. Log in as a root<br />execute “ccs-editpolicy”<br />Total numbers of different “process invocation history” patterns is displayed like “601 domains”<br />Use cursor key to go up/down<br />How to use the TOMOYO Linuxpolicy editor<br />
  10. 10. TOMOYO Linux monitors actions caused for each “process invocation history” pattern<br />To see them, simply select the line and hit enter key<br />
  11. 11. Fedora 13 (firefox)<br />
  12. 12. You need to install TOMOYO Linux kernel and TOMOYO Linux tools<br />We are maintaining TOMOYO Linux kernel and tools repositoriesfor users’ convenience<br />Kernel patches and tools source code are available, too<br />Project homepage has everything you need<br />http://tomoyo.sourceforge.jp/<br />How to use TOMOYO Linux<br />
  13. 13. TOMOYO Linux as a “security tool”<br />Part 2<br />
  14. 14. Demo movie<br />
  15. 15. Q and A<br />