Projects / TOMOYO Linux


TOMOYO Linux is a Mandatory Access Control (MAC) implementation for Linux that can be used to increase the security of a system, while also being useful purely as a system analysis tool. It was launched in March 2003 and is sponsored by NTT DATA Corporation, Japan.

Operating Systems

RSS Last announcement

Memory leak bug in TOMOYO 2.3 03 Mar 2011

Memory leak was found in TOMOYO 2.3 which is included in 2.6.36 and later.

In tomoyo_check_open_permission() which checks permissions upon file ...

RSS Recent releases

Release Notes: This release includes a bugfix and enhancements to the policy editor. TOMOYO 2.3 (Linux 2.6.36) and later appeared to have problems in handling mount permission checks. When applying the fix, you might need redefining policies. A patch for TOMOYO 2.5 will be included in Linux 3.4. Regarding ccs-tools, the number of selected items will now be displayed in the policy editor.

Release Notes: TOMOYO 1.8.3 and AKARI 1.0.20 accept an optional argument that supersedes the exception policy's domain transition control directives to "file execute", "task auto_execute_handler", and "task denied_execute_handler" entries. This optional argument will also be available in TOMOYO 2.5.

  •  07 Aug 2011 16:08

Release Notes: The userland tools for TOMOYO 2.4.0 have been released.

  •  20 Jun 2011 20:35

    Release Notes: Policy namespace was introduced in order to make it easier to use TOMOYO in LXC environments. The trigger for activation is configurable upon boot using the CCS_trigger= option in order to make it easier to use TOMOYO with systemd environments.

    •  01 Apr 2011 09:48

    Release Notes: Several bugs were fixed. A new feature to protect the Android environment from privilege escalation was added. Support for packed policy format was added. The garbage collector was modified so as not to wait for /proc/ccs/ users. As a result, memory reclamation can start earlier.

    RSS Recent comments

    29 Oct 2010 13:26 inow

    It is very important to submit releases for tomoyo-2.x here on freshmeat, too! Either there should be another freshmeat project or the tomoyo-2.x releases should be announced right here. Missing this made booting my linux-2.6.36 kernel impossible after new changes!


    Project Spotlight


    A file de-duplication, organization, and bulk previewing tool.


    Project Spotlight

    Collax V-Cube+

    Virtualization and HA Management of virtual machines and embedded HA Storage.