Re: fanotify as syscalls

From: Eric Paris
Date: Wed Sep 23 2009 - 11:52:11 EST

Next message: John W. Linville: "pull request: wireless-next-2.6 2009-09-23"
Previous message: Heiko Carstens: "Re: [PATCH] fs: change sys_truncate/sys_ftruncate length parametertype"
In reply to: Tvrtko Ursulin: "Re: fanotify as syscalls"
Next in thread: hch@xxxxxxxxxxxxx: "Re: fanotify as syscalls"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, 2009-09-23 at 13:32 +0200, Arjan van de Ven wrote:
> On Wed, 23 Sep 2009 09:39:33 +0100
> Tvrtko Ursulin <tvrtko.ursulin@xxxxxxxxxx> wrote:
>
> > Lived with it because there was no other option. We used LSM while it
> > was available for modules but then it was taken away.
>
> ... at which point you could have submitted your LSM module for
> inclusion... you'd be the first (and only?) Anti Virus vendor that
> would be in the mainline kernel.. speaking of competitive advantage,
> coming out of the box in all distributions.

And users would be left in a situation between choosing an LSM which
actually does in provable ways increase security and using an AV
scanner. Until magic solves the LSM stacking problem (it's been tried,
no magic) I don't think any distro wants AV vendors as LSMs.

-Eric

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: John W. Linville: "pull request: wireless-next-2.6 2009-09-23"
Previous message: Heiko Carstens: "Re: [PATCH] fs: change sys_truncate/sys_ftruncate length parametertype"
In reply to: Tvrtko Ursulin: "Re: fanotify as syscalls"
Next in thread: hch@xxxxxxxxxxxxx: "Re: fanotify as syscalls"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]