TOMOYO Linux is a Mandatory Access Control (MAC) implementation for Linux that can be used to increase the security of a system, while also being useful purely as a system analysis tool. It was launched in March 2003 and had been sponsored by NTT DATA Corporation, Japan until March 2012.
TOMOYO Linux focuses on the behaviour of a system. Every process is created to achieve a purpose, and like an immigration officer, TOMOYO Linux allows each process to declare behaviours and resources needed to achieve their purpose. When protection is enabled, TOMOYO Linux acts like an operation watchdog, restricting each process to only the behaviours and resources allowed by the administrator.
A memory corruption problem was discovered in files between ccs-patch-1.7.0-20090903.tar.gz and ccs-patch-1.7.1-20100214.tar.gz . If memory allocation failed when trying to remember an IPv6 address, memory near IPv6 address's list's head is modified by subsequent procedure, and possibly crash due to corrupted data structure.
Those who downloaded files between ccs-patch-1.7.0-20090903.tar.gz and ccs-patch-1.7.1-20100214.tar.gz , please update to ccs-patch-1.7.1-20100326.tar.gz .
http://sourceforge.jp/projects/tomoyo/lists/archive/users-en/2010-March/000139.html
----------------------------------------
A severe memory leak problem was discovered in ccs-patch-1.7.1-20091111.tar.gz . If environment variable name checking functionality is enabled, each execute request consumes 4KB of memory, and the system will eventually hang due to out of memory.
Those who downloaded ccs-patch-1.7.1-20091111.tar.gz , please update to ccs-patch-1.7.1-20091220.tar.gz .
http://sourceforge.jp/projects/tomoyo/lists/archive/users-en/2009-December/000114.html
TOMOYO
Fork