Re: [malware-list] [RFC 0/5] [TALPA] Intro to alinuxinterfaceforonaccess scanning

From: Arjan van de Ven
Date: Tue Aug 05 2008 - 17:09:24 EST

Next message: Peter Zijlstra: "Re: [PATCH RFC] pm_qos_requirement might sleep"
Previous message: Al Viro: "Re: [malware-list] [RFC 0/5] [TALPA] Intro to alinuxinterfaceforon access scanning"
In reply to: Eric Paris: "RE: [malware-list] [RFC 0/5] [TALPA] Intro to alinuxinterfaceforonaccess scanning"
Next in thread: Rik van Riel: "Re: [malware-list] [RFC 0/5] [TALPA] Intro to a linuxinterfaceforonaccess scanning"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, 05 Aug 2008 16:51:07 -0400
Eric Paris <eparis@xxxxxxxxxx> wrote:

> I think Alan and I have both described how greater linux security can
> be gained through this interface compared to glibc or LD_PRELOAD even
> if it isn't perfect security.

I guess I missed that.

I will fully subscribe to the idea that "the LD_PRELOAD way assumes you
have a good->bad transition" might not be fully bullet proof (after
all, if your init is compromised you won't have this transition)

but what else is the actual gap?

--
If you want to reach me at my work email, use arjan@xxxxxxxxxxxxxxx
For development, discussion and tips for power savings,
visit http://www.lesswatts.org
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Peter Zijlstra: "Re: [PATCH RFC] pm_qos_requirement might sleep"
Previous message: Al Viro: "Re: [malware-list] [RFC 0/5] [TALPA] Intro to alinuxinterfaceforon access scanning"
In reply to: Eric Paris: "RE: [malware-list] [RFC 0/5] [TALPA] Intro to alinuxinterfaceforonaccess scanning"
Next in thread: Rik van Riel: "Re: [malware-list] [RFC 0/5] [TALPA] Intro to a linuxinterfaceforonaccess scanning"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]