 | This articleneeds additional citations forverification. Please helpimprove this article byadding citations to reliable sources. Unsourced material may be challenged and removed. Find sources: "Tomoyo Linux" – news ·newspapers ·books ·scholar ·JSTOR(September 2010) (Learn how and when to remove this message) |
 | |
 Tomoyo Linux 2.x Domain Policy Editor | |
| Original author(s) | NTT Data Corporation |
|---|---|
| Repository | |
| Operating system | Linux |
| Type | Mandatory access control |
| License | GPLv2 |
| Website | tomoyo |
Tomoyo Linux (stylised asTOMOYO Linux) is aLinux kernelsecurity module which implementsmandatory access control (MAC).
Tomoyo Linux is a MAC implementation forLinux that can be used to increase the security of a system, while also being useful purely as asystems analysis tool. It was launched in March 2003 and was sponsored byNTT Data Corporation until March 2012.[1]
Tomoyo Linux focuses on system behaviour. Tomoyo Linux allows each process to declare behaviours and resources needed to achieve their purpose. When protection is enabled, Tomoyo Linux restricts each process to the behaviours and resources allowed by the administrator.
The main features of Tomoyo Linux include:
Tomoyo was merged inLinux Kernel mainline version 2.6.30 (2009, June 10)/[2] It is currently one of four standardLinux Security Modules (LSM), along withSELinux,AppArmor andSMACK.
The Tomoyo Linux project started as a patch for the Linux kernel to provide MAC. Porting Tomoyo Linux to the mainline Linux kernel required the introduction of hooks[3] into the LSM that had been designed and developed specifically to support SELinux and its label-based approach.
However, more hooks are needed to integrate the remaining MAC functionality of Tomoyo Linux. Consequently, the project is following two parallel development lines:
Tomoyo Linux 1.x, original version
Tomoyo Linux 2.x, mainline version
Akari (stylised asAKARI), Tomoyo 1.x fork
The name 'TOMOYO' is, officially speaking, abackronym for "Task Oriented Management Obviates Your Onus". According to one of the developers Tetsuo Handa, it's also a reference to the character Tomoyo Daidouji fromCardcaptor Sakura.[4]
