| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 29 Nov 2007 08:47:46 -0800 From: Greg KH <greg@...ah.com> To: Jon Masters <jonathan@...masters.org> Cc: Jan Engelhardt <jengelh@...putergmbh.de>, Valdis.Kletnieks@...edu, Christoph Hellwig <hch@...radead.org>, Al Viro <viro@....linux.org.uk>, Casey Schaufler <casey@...aufler-ca.com>, "Tvrtko A. Ursulin" <tvrtko.ursulin@...hos.com>, linux-kernel@...r.kernel.org Subject: Re: Out of tree module using LSM On Thu, Nov 29, 2007 at 11:36:12AM -0500, Jon Masters wrote: > On Wed, 2007-11-28 at 17:07 -0800, Greg KH wrote: > > > The easiest way is as Al described above, just have the userspace > > program that wrote the file to disk, check it then. > > But the problem is that this isn't just Samba, this is a countless > myriad of different applications. And if one of them doesn't support > on-access scanning, then the whole solution isn't worth using. Ok, which specific applications do they care about? Last time I asked it was still limited to a very small handful, all of which would be trivial to add such a hook to. > > There are some nice SAMBA plugins that do just that already out there... > > That's really not the problem :-) Yes it is. That's all you want to catch, when a Windows machine wants to access a file on a SAMBA server. Do the check then, in userspace. Believe me, I've been over and over and over and over this before... thanks, greg k-h - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists