2342 |
|
|
2343 |
Note that '\0'-terminated binary string is converted to TOMOYO's string |
Note that '\0'-terminated binary string is converted to TOMOYO's string |
2344 |
inside kernel and prefix "//" is automatically added to the string so |
inside kernel and prefix "//" is automatically added to the string so |
2345 |
that domainname does not confclict with domainnames created by execve(). |
that domainname does not conflict with domainnames created by execve(). |
2346 |
Without this prefix, if "<kernel> /usr/sbin/sshd /bin/bash" domain is |
Without this prefix, if "<kernel> /usr/sbin/sshd /bin/bash" domain is |
2347 |
allowed to open /proc/ccs/.transition for writing and |
allowed to open /proc/ccs/.transition for writing and |
2348 |
"<kernel> /usr/sbin/sshd /bin/bash /usr/bin/passwd" domain is allowed to |
"<kernel> /usr/sbin/sshd /bin/bash /usr/bin/passwd" domain is allowed to |
2360 |
|
|
2361 |
@ Allow building as loadable kernel module. |
@ Allow building as loadable kernel module. |
2362 |
|
|
2363 |
To be able to minimize filesize increment on vmlinux, I made it |
To be able to minimize filesize increment of vmlinux, I made it |
2364 |
possible to compile TOMOYO Linux as loadable kernel module. |
possible to compile TOMOYO Linux as loadable kernel module. |
2365 |
Although patching the kernel source and recompiling the kernel are |
Although patching the kernel source and recompiling the kernel are |
2366 |
inevitable, this change will make it easier to enable TOMOYO Linux |
inevitable, this change will make it easier to enable TOMOYO Linux |