This is the main README for LOMAC v1.0.4 for Linux.

LOMAC is an attempt to make an easily-adoptable form of MAC integrity
protection available to the Free UNIX community without the
discouraging necessity of kernel modifications.  LOMAC implements a
simple form of MAC integrity protection based on Biba's Low Water-Mark
model in a Linux Loadable Kernel Module (LKM).  Although it trades off
some of the advanced MAC features found in traditional MAC
implementations, LOMAC provides useful integrity protection without
any modifications to the kernel, applications, or their existing
configurations.  LOMAC is designed to be compatible with existing
software, and ships with a one-size-fits-all default configuration.
LOMAC may be used to harden currently-deployed Linux systems simply by
loading the LKM into the kernel shortly after boot time.

LOMAC is Free software.  The latest release is available for download
under the GNU GPL at ftp://ftp.tislabs.com/pub/lomac.  More detailed
information about LOMAC, its use, the protection it provides, and its
relation to other Linux MAC projects can be found in the LOMAC Manual,
included under the Doc subdirectory of this distribution.  In
addition, the paper:

   Fraser, Timothy, "LOMAC: Low Water-Mark Integrity Protection for
   COTS Environments", Proceedings of the 2000 IEEE Symposium on
   Security and Privacy, Berkeley, California, pp. 230-245, May, 2000.

can be found at ftp://ftp.tislabs.com/pub/lomac/lomac-sp00.pdf.  This
paper describes LOMAC's compatibility goals and explains why the Low
Water-Mark form of MAC is especially suitable for meeting them.

LOMAC is sufficiently robust for everyday use.  Presently, two members
of the NAI labs staff run it on their Linux workstations at all times.
We expect this number to grow.  All LOMAC development since v0.3pre5
has been done on machines running LOMAC, as has the preparation of
this release tarball, including the creation of this README file.  We
encourage others to experiment with LOMAC, as well.

Although it is sufficiently stable for everyday use, LOMAC is not
bug-free.  Some security-relevant operations are not yet controlled by
LOMAC, including reboot, mmap, and all forms of System V IPC.
Furthermore, LOMAC contains numerous time-of-check/time-of-use bugs
which permit specially-constructed programs to misuse of some of the
operations which LOMAC does control.  See the BUGS file for details.
As LOMAC development continues, we expect to address these problems.
Nevertheless, we believe that LOMAC presently provides sufficient
protection to defend against relatively unskilled attackers who are
not capable of adapting their methods to bypass LOMAC.

This version of LOMAC supports only single-CPU systems running Linux
2.2 kernels.  It has been tested on Linux 2.2.5 and Linux 2.2.12.

Changes in LOMAC v1.0.4:

o Improved performance of lps and lls scripts by moving the
  functionality of the linfo and level scripts into a Perl module.
  Many thanks to John Thiltges <jthiltg1 AT bigred DOT unl DOT UDE>
  who submitted the code to solve this problem.
o Updated manual to reflect the above fix.

The LKM is unchanged except for a version-number increment.  The
improvements are all in the scripts under Src/Scripts.  With LOMAC
running, you can upgrade most easily by tarring up the Scripts
directory, and then using /opt/lomac/bin/lup to upgrade the tar file
to level 2.  Once it's at level 2, LOMAC will allow you to untar the
new scripts into /opt/lomac/bin.  Alternately, you can turn LOMAC off
by doing /sbin/chkconfig --del lomac and rebooting.  After installing
the new scripts you can /sbin/chkconfig --add lomac and reboot again
to turn LOMAC back on.

