A security module for system analysis and protection
AKARI is a Mandatory Access Control (MAC) implementation for Linux that can be used to increase the security of a system, while also being useful purely as a system analysis tool. It is a Linux kernel module based on TOMOYO Linux, which was launched in March 2003.
AKARI focuses on the behaviour of a system. Every process is created to achieve a purpose, and like an immigration officer, AKARI allows each process to declare behaviours and resources needed to achieve their purpose. When protection is enabled, AKARI acts like an operation watchdog, restricting each process to only the behaviours and resources allowed by the administrator.
The main features of AKARI include:
- System analysis
- Increased security through Mandatory Access Control
- Tools to aid in policy generation
- Simple syntax
- Easy to use
- Very few dependencies
- Requires no modification of existing binaries
Find out more on our About Page!
AKARI 1.0.39 released
A new version of AKARI changed pathname calculation rule and fixed two bugs.
AKARI 1.0.38 released
A new version of AKARI fixes a bug in Linux 4.12 and later kernels where LSM hook is by error overwritten.
AKARI 1.0.36 released
This release is only for version synchronization.
AKARI 1.0.35 released
A new version of AKARI changed memory allocation rules.
AKARI 1.0.34 released
A new version of AKARI supports multiple use_group entries.
AKARI 1.0.28 released
A new version of AKARI fixes kernel panic bug in Linux 2.6.28 and earlier kernels which occurs after certain type of program is executed. Since this bug can be triggered without malicious intent, whoever using AKARI on Linux 2.6.28 and earlier kernels must upgrade to this version of AKARI.