• Tetsuo Handa's avatar
    TOMOYO: Add interactive enforcing mode. · 17fcfbd9
    Tetsuo Handa authored
    Since the behavior of the system is restricted by policy, we may need to update
    policy when you update packages.
    
    We need to update policy in the following cases.
    
        * The pathname of files has changed.
        * The dependency of files has changed.
        * The access permissions required has increased.
    
    The ideal way to update policy is to rebuild from the scratch using learning
    mode. But it is not desirable to change from enforcing mode to other mode if
    the system has once entered in production state. Suppose MAC could support
    per-application enforcing mode, the MAC becomes useless if an application that
    is not running in enforcing mode was cracked. For example, the whole system
    becomes vulnerable if only HTTP server application is running in learning mode
    to rebuild policy for the application. So, in TOMOYO Linux, updating policy is
    done while the system is running in enforcing mode.
    
    This patch implements "interactive enforcing mode" which allows administrators
    to judge whether to accept policy violation in enforcing mode or not.
    A demo movie is available at http://www.youtube.com/watch?v=b9q1Jo25LPA .
    Signed-off-by: default avatarTetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
    Signed-off-by: default avatarJames Morris <jmorris@namei.org>
    17fcfbd9
common.h 37.7 KB