TOMOYO: Add recursive directory matching operator support.
Andy Whitcroft wrote:
> On Wed, Dec 09, 2009 at 08:50:19PM +0900, Tetsuo Handa wrote:
> > Hello.
> > Is it possible to apply below TOMOYO patch (which was backported from TOMOYO
> > 1.7.1 http://www.youtube.com/watch?v=OjgBRDa53M8 and merged into 2.6.33) to
> > Lucid (and Karmic)?
> > http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=7539cf4b92be4aecc573ea962135f24 6a7a33401
> This is a fairly comprehensive patch, which appears to have some
> performance detrement to the TOMOYO matcher. Though as its already
> upstream I guess its the way things are going.
There is no performance detriment if string does not contain patterns, and
most strings do not contain patterns. Thus, performance detriment by this patch
won't be noticed.
> Does anyone know how extensive our tomoyo userbase is?
TOMOYO suits well on embedded systems like Android as well as PC and servers.
( http://sourceforge.jp/projects/tomoyo/docs/JLS_tomoyo_tutorial.pdf )
TOMOYO is one of candidates for Chromium OS.
( http://sites.google.com/a/chromium.org/dev/chromium-os/chromiumos-design-docs/system-hardening )
People can't get distributor's support if they use modified kernels.
Nonetheless, they have been using TOMOYO 1.x (about 33000 downloads) without
distributor's support. I don't have means to measure your TOMOYO userbase,
but I'm sure that it is worth applying this patch for Lucid.
kernel-team mailing list