2012-07-19 14:23:10 UTC
I am studiying Tomoyo Linux 2.5 and I would like to have some
informations about what is catched and what is not.
I have compared syscalls while executing vim with strace and what is
catched by Tomoyo-queryd.
And I would like to have the confirmation that Tomoyo checks if a file
exists before to read through its policy?
Because, for exemple, with vim:
Tomoyo-queryd catch: file read /usr/share/vim/vim73/lang/fr/LC_MESSAGE/vim.mo
But strace catch, juste before:
-1 ENOENT (no such file or directory)
And so, Tomoyo has not catched the attempt of opening (catched by strace).
Thank you in advance and sorry for my english speaking.