Work in progress

[intika]

Todo :

• Create a main app (same as startup-watcher) and use "ccq > /tmp/tomoyo" to display logs...
• When deny dgram bind denied (udp) > connection bind still occur (test with skype and profile 6) (apparently was a mistake because of allow and learn... so update allow and learn to distinguish tcp/udp)
• Auto-save on deny all
• Change "Allow and learn" to "Allow and remember"
• Edit documentation with full explanation how this app works
• Create a system call function that integrate fork to populate fork to all system function (fix keep alive problem...)
• Integrate ccs in save_policy function
• Add clear log
• Add tray icon
• Add window to display logs or increase buffer
• Clean the code and make the app pro.
• Use profile over a setting file instead of hard coding it
• Fix warning
• Add ccs-firewall to exception (can cause problem when route used because of sudo... or remove sudo from system call because its already root)
• Along with text config file... manage question according to file/capability/network/misc/ipc (different question with different action on different policy)
• Bug : Allow & Save Show Twice For Same Request
• Disable/Enable >> Allow-All Without Logs (disable feature...)
• Modes : Learn / Allow-All-Without-Saving / Deny-All-Do-Not-Disturb / Disabled
• Tomoyo Clean Domains
• Check Allowed Tomoyo Managers (Must be copied to /usr/bin )
• HIPS-4-Linux - Tomoyo (Dev GUI with Lazarus/Py/Qt/Py+Qt+Glade/Glade/KDE-Plasmoid/Gnome-Widgets ?) Lazarus Terminal https://www.youtube.com/watch?v=KcHZVT1mHJY ?
• I can switch to use use_group instead of profile to be able to manage different access level network/capability/file...

Note :

Enforcing_penalty = If the Enforcing Mode profile is configured with PREFERENCE={ enforcing_penalty=1 } then domains that violate policy will be made to sleep for 0.1 seconds. This is useful for avoiding infinite loops that can cause CPU usage to reach 100%.