Re: Out of tree module using LSM

On Wed, 28 Nov 2007 19:52:46 GMT, Alan Cox said:
> > It might be better to identify the services (gateway, samba, file
> > server whatever) that are actually dealing with possible infected
> > "external" files and then define some generic interface that would
> > allow you to check those as the data appears.
> 
> I am wondering if the right interface is actually more related to the
> existing audit interfaces ?

The problem there is that the audit interface just *records* - it doesn't
have the ability to say "No, I don't *think* so.." that the LSM interface has.

Attachment: pgpK0zsnrGdfy.pgp
Description: PGP signature

---

• References:
  • Out of tree module using LSM
    • From: "Tvrtko A. Ursulin" <[email protected]>
  • Re: Out of tree module using LSM
    • From: Andi Kleen <[email protected]>
  • Re: Out of tree module using LSM
    • From: Alan Cox <[email protected]>

• Prev by Date: Re: 2.6.24-rc3-mm2 (build failure on s390)
• Next by Date: Re: 2.6.24-rc3-mm2 (build failure on arm)
• Previous by thread: Re: Out of tree module using LSM
• Next by thread: Re: Out of tree module using LSM
• Index(es):
  • Date
  • Thread

[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Stuff]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]     [Linux Resources]