2012-07-20 14:23:03 UTC
I now understand why all opening on non-existent files are not caught by
But now, I wonder why some syscalls seems not to be caught by Tomoyo. Like
sysinfo, getcwd, sigaltstack.
In fact, I have to study what is monitored and what is not in details. I
give another example:
At the moment where vim tries to read the file /home/user1 for exemple
(file read /home/user1), strace stays locked on the syscalls
open(".",O_READONLY | O_LARGEFIL) = 3. Up to there no problem. But just
after I allow Tomoyo to add this authorization to the policy I see others
syscalls on strace: Fchdir(3) = 0, chdir("/usr/share/vim") = 0,
getcwd("/usr/share/vim", 4096) = 15, close or brk.
I have read the documentation but I do not find enought details on those
questions. I imagine that my request is hard to satisfy, but if you can
help my to get more details, it would be very interesting.
-------------- next part --------------
An HTML attachment was scrubbed...