Re: Out of tree module using LSM

On Wed, 28 Nov 2007 19:52:46 GMT, Alan Cox said:
> > It might be better to identify the services (gateway, samba, file
> > server whatever) that are actually dealing with possible infected
> > "external" files and then define some generic interface that would
> > allow you to check those as the data appears.
> 
> I am wondering if the right interface is actually more related to the
> existing audit interfaces ?

The problem there is that the audit interface just *records* - it doesn't
have the ability to say "No, I don't *think* so.." that the LSM interface has.

Attachment: pgpK0zsnrGdfy.pgp
Description: PGP signature

References:
- Out of tree module using LSM
  - From: "Tvrtko A. Ursulin" <[email protected]>
- Re: Out of tree module using LSM
  - From: Andi Kleen <[email protected]>
- Re: Out of tree module using LSM
  - From: Alan Cox <[email protected]>

Prev by Date: Re: 2.6.24-rc3-mm2 (build failure on s390)
Next by Date: Re: 2.6.24-rc3-mm2 (build failure on arm)
Previous by thread: Re: Out of tree module using LSM
Next by thread: Re: Out of tree module using LSM
Index(es):
- Date
- Thread

[Index of Archives] [Kernel Newbies] [Netfilter] [Bugtraq] [Photo] [Stuff] [Gimp] [Yosemite News] [MIPS Linux] [ARM Linux] [Linux Security] [Linux RAID] [Video 4 Linux] [Linux for the blind] [Linux Resources]