Re: Out of tree module using LSM

[Greg KH]

On Thu, Nov 29, 2007 at 01:53:46AM +0100, Jan Engelhardt wrote:
> 
> On Nov 28 2007 16:38, Greg KH wrote:
> >> 
> >> And if we are talking about the situation when files are written to
> >> in controlled way (i.e. we are not concerned with malware running on
> >> the box in question and just want to stop it from passing through
> >> mailsewer, etc.), then there's no damn need to play with LSM - just
> >> have e.g. coda with its commit-on-close and run the scanner on
> >> commit.  End of story.  Mind you, in such setups one would be much
> >> better off just having the mail server run the tests explicitly in
> >> the userland, along with the rest of anti-spam, etc. filters.
> >
> >I've repeated the above statements so many times to a number of the
> >anti-virus companies, and other people that really should know better,
> >that I'm really sick of it.  For some reason, they keep trying to do
> >things like this in the kernel, despite it being trivial to do in
> >userspace properly.
> >
> Do you mean something along the lines of FUSE?

That is one way, but not the simplest or nicest (people don't want to
run their whole fs on FUSE just yet).

The easiest way is as Al described above, just have the userspace
program that wrote the file to disk, check it then.

There are some nice SAMBA plugins that do just that already out there...

thanks,

greg k-h
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/