[tomoyo-users-en 557] Using Tomoyo with init scripts

Mark lists****@inter*****
Sun Aug 25 00:46:35 JST 2013


Hi all,

I've been reading about, and playing with, Tomoyo 2.5 on a Funtoo
hardened system that has kernel 3.2.50 with grsec. Funtoo is a Gentoo
derivative.

I have enabled a default policy with "emerge --config tomoyo-tools".
Then rebooted and now I see, for example, domains of the form:

<kernel> /etc/init.d/SCRIPTNAME

Obviously there are a lot of these so now my question is about the
learning policy (#1).

Should I, for example, set them all to 1 (learning mode), save the
policy, reboot the system, and then after a while I can update the
policy to Enforce? Should I only set this domain to 1, or should I do
this for the children as well?

I assume that this would create sane defaults that can be enforced if
the programs/daemons are called from the init scripts (which, on my
system, is how the programs should always start).

The documentation does name how to build policies for daemons, but with
the domains I mentioned I'm unsure about what is a good practice.
Comments appreciated, thank you :)

Mark



