[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20071129165731.GA30719@infradead.org>
Date: Thu, 29 Nov 2007 16:57:31 +0000
From: Christoph Hellwig <hch@...radead.org>
To: Jan Engelhardt <jengelh@...putergmbh.de>
Cc: Greg KH <greg@...ah.com>, Jon Masters <jonathan@...masters.org>,
Valdis.Kletnieks@...edu, Christoph Hellwig <hch@...radead.org>,
Al Viro <viro@....linux.org.uk>,
Casey Schaufler <casey@...aufler-ca.com>,
"Tvrtko A. Ursulin" <tvrtko.ursulin@...hos.com>,
linux-kernel@...r.kernel.org
Subject: Re: Out of tree module using LSM
On Thu, Nov 29, 2007 at 05:53:33PM +0100, Jan Engelhardt wrote:
> >> But the problem is that this isn't just Samba, this is a countless
> >> myriad of different applications. And if one of them doesn't support
> >> on-access scanning, then the whole solution isn't worth using.
> >
> >Ok, which specific applications do they care about? Last time I asked
> >it was still limited to a very small handful, all of which would be
> >trivial to add such a hook to.
> >
> Well, think bash, syscalls. While you can add a plugin to samba "easily",
> it seems overkill to do the same for rm, mv, cp, bash.
Can we please stop this useless discussion? Trying to check the content
of files to see whether they might be malicious is inherently braindead,
and no amounts of plugins in random places will fix this.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists