lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Tue, 5 Aug 2008 13:18:16 -0700
From:	Greg KH <greg@...ah.com>
To:	"Press, Jonathan" <Jonathan.Press@...com>
Cc:	Arjan van de Ven <arjan@...radead.org>,
	Eric Paris <eparis@...hat.com>, linux-kernel@...r.kernel.org,
	malware-list@...ts.printk.net,
	linux-security-module@...r.kernel.org
Subject: Re: [malware-list] [RFC 0/5] [TALPA] Intro to a
	linuxinterfaceforon access scanning

On Tue, Aug 05, 2008 at 02:38:23PM -0400, Press, Jonathan wrote:
> >> I think you might be missing the point a bit here, as the traditional
> Unix model that 
> >> Linux has prevents much of what the "traditional AV" products need to
> do, right?
> 
> Is your point that Linux and Unix machines are less vulnerable to
> viruses?  If so, that's not relevant to my point at all.  A Unix machine
> can be a carrier, passing infections on to other vulnerable platforms
> (guess which one).

So you are going to try to force us to take something into the Linux
kernel due to the security inadiquacies of a totally different operating
system?  You might want to rethink that argument :)

> An enterprise security system sees the entire enterprise as an
> integrated whole -- not just individual machines with their own
> separate attributes and no impact on each other at all.

I agree, but as others have pointed out, you don't need to do this in
the kernel, you can do it from userspace today (samba has hooks for this
for that "other" operating system already).

thanks,

greg k-h
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ