florian.lissandres wrote: > But now, I wonder why some syscalls seems not to be caught by Tomoyo. Like > sysinfo, getcwd, sigaltstack.
TOMOYO is not checking all of syscalls. One reason is that LSM hooks are not inserted into every syscall. The other reason is for TOMOYO's ease of use and less performance impact. You can see list of syscalls checked by TOMOYO at http://tomoyo.sourceforge.jp/cgi-bin/lxr/ident?i=tomoyo_mac_keywords and http://tomoyo.sourceforge.jp/2.5/policy-specification/domain-policy-syntax.html . _______________________________________________ tomoyo-users-en mailing list [email protected] http://lists.sourceforge.jp/mailman/listinfo/tomoyo-users-en
