Although there are several problems remaining, the next version of TOMOYO is taking a concrete shape. It is designed for simplicity. For example, since some people complain that "who can manage domains that exceed many hundreds?", I changed TOMOYO's domain management from mandatory to optional. For another example, since some people complain that "I want to use black listing because white listing is too much burden for me", I changed from allow-only rules to allow/deny rules which resembles network packet filtering rules. Due to large changes, the version number cannot be determined yet. It might be no longer TOMOYO. Installation instructions and policy specification is available at http://tomoyo.sourceforge.jp/testing/ . If you can prepare a system for evaluation (e.g. virtual machine), please try and give us feedbacks.
TOMOYO
Fork