Re: Out of tree module using LSM

From: Valdis . Kletnieks
Date: Wed Nov 28 2007 - 15:05:28 EST


On Wed, 28 Nov 2007 19:52:46 GMT, Alan Cox said:
> > It might be better to identify the services (gateway, samba, file
> > server whatever) that are actually dealing with possible infected
> > "external" files and then define some generic interface that would
> > allow you to check those as the data appears.
>
> I am wondering if the right interface is actually more related to the
> existing audit interfaces ?

The problem there is that the audit interface just *records* - it doesn't
have the ability to say "No, I don't *think* so.." that the LSM interface has.
