lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:	Wed, 20 Aug 2008 19:03:45 +0200
From:	Pavel Machek <pavel@...e.cz>
To:	Rik van Riel <riel@...hat.com>
Cc:	Alan Cox <alan@...rguk.ukuu.org.uk>,
	Eric Paris <eparis@...hat.com>,
	Arjan van de Ven <arjan@...radead.org>,
	Jan Harkes <jaharkes@...cmu.edu>,
	"Press, Jonathan" <Jonathan.Press@...com>, peterz@...radead.org,
	linux-kernel@...r.kernel.org, malware-list@...ts.printk.net,
	hch@...radead.org, andi@...stfloor.org, viro@...IV.linux.org.uk
Subject: Re: HSM (was Re: [malware-list] TALPA - a threat model?  well sorta.)

On Tue 2008-08-19 16:33:45, Rik van Riel wrote:
> On Tue, 19 Aug 2008 21:20:27 +0200
> Pavel Machek <pavel@...e.cz> wrote:
> 
> > > If you think FUSE+unionfs is a cleaner solution than one
> > > hook in the VFS, I've got a bridge to sell you.
> > 
> > If you can do it with one clean enough hook, I'll buy that bridge.
> > 
> > [If you want to do 'list directory before files are there' -- and you
> > seem to want to from description above -- fuse seems like a way to
> > go.]
> 
> For a poor man's HSM, it may be a possibility to simply restore
> all the files as sparse files, fetching the content on demand.

Agreed but... I'd rather have rich man's HSM and rich man's antivirus.
You know, I'm going to get very rich, owning that bridge ;-).

[Seriously, FUSE seems to be better way of implementing HSM, and
single hook at open is not enough to implement non-racy antivirus...]

							Pavel

-- 
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ