Re: [RFC][PATCH] EVM and SLIM LSM modules

From: Nick Petroni (npetroni@private)
Date: Tue Oct 18 2005 - 07:17:30 PDT


>> A better description of what exactly you mean here (like what's LOMAC?)

LOMAC is an implementation of Biba's Low Water-Mark model by Tim Fraser.


"The LOMAC [13] project has implemented a form of mandatory access
control based on the Low Water-Mark model in a Linux loadable kernel
module. LOMAC was not designed to provide flexibility in its support for
security policies; instead, it focuses on providing useful integrity
protection without any site-specific configuration, regardless of the
software and users present on a system. It should be possible to implement
the Low Water-Mark model in SELinux as a particular policy module."


Project at:

FREENIX paper at :


Nick L. Petroni, Jr.
Graduate Student, Computer Science
Maryland Information Systems Security Lab
University of Maryland

This archive was generated by hypermail 2.1.3 : Tue Oct 18 2005 - 07:18:15 PDT