Discussion:
[tomoyo-users-en 520] CaitSith 0.1.7 is available.
(too old to reply)
Tetsuo Handa
2012-12-25 11:14:39 UTC
Permalink
Raw Message
Happy holidays!

A new version of CaitSith supports various conditions which were rejected as
invalid until previous versions. With this update, I hope that CaitSith became
flexible enough to actually try.

Also, as a preparation step for proposing CaitSith for inclusion into mainline,
although experimental and only compile tested, CaitSith can now be built as a
LKM-based LSM module like AKARI. Well, I repeat: Experimental and only compile
tested. Also, unfortunately, LKM-based AKARI and LKM-based CaitSith cannot be
run in parallel due to insufficient LSM hooks.

ccs-patch / akari / caitsith-patch tarballs have been updated. These tarballs
include support for Linux 3.8-rc1.

Please let me know if you found any problems.

ccs-patch-1.8.3-20121225.tar.gz MD5: 3333459c47cacd9d221c40cc1079bc3b
akari-1.0.29-20121225.tar.gz MD5: 99997f4a79f1b9a3930fb3d8f434623e
caitsith-patch-0.1-20121225.tar.gz MD5: 00008d5284fce530c4cd6418695dc651

Regards.
Tetsuo Handa
2013-01-06 12:31:30 UTC
Permalink
Raw Message
Hello.

A new version of CaitSith fixes two policy parser regressions.
( caitsith-patch-0.1-20121225.tar.gz can't correctly parse/audit "environ" and
"pivot_root" rules.)

LSM version of CaitSith seems to be working (though still under testing). Steps
are similar to AKARI ( http://akari.sourceforge.jp/1.0/chapter-3.html#3.1 and
#3.2) except that "s/akari/caitsith/g" and adding "init=/sbin/caitsith-init"
are needed.

I'm writing testcases for CaitSith and fixing bugs in CaitSith.
Please let me know if you found any problems.

caitsith-patch-0.1-20130106.tar.gz MD5: 4444db3c7702bcd2171c110a728f77ff

Regards.

Loading...