On Fri, 2006-03-24 at 18:52 +1100, CaT wrote:
> On Thu, Mar 23, 2006 at 11:42:00PM -0800, Andrew Morton wrote:
> > You explained why it was better than grafting audit onto this application.
> >
> > But do you see some special value in the actual services which this patch
> > provides - monitoring filesystem events?
>
> Is there something around atm that would, for example, allow a virus
> scanner to scan files when they are created, etc? Or to add files to
> an index for quick searches?
audit, inotify
> There are probably other potential uses but I'm too tired and those two
> come to mind right now.
but this mechanism doesn't actually cover the virus scanner need at
least; audit is a bit more complex in code because it's a security tool
and needs to be accurate for security-related events. Now guess what...
a virus scanner needs this same level of scrutiny... (well unless you
don't care about that it's easy to bypass your scanner and that you
support linux only for marketing reasons ;)
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]
