Re: [PATCH 0/5] VFS: DazukoFS, stackable-fs, file access control

[Pavel Machek]

On Tue 2008-12-23 19:55:27, John Ogness wrote:
> On 2008-12-23, Pavel Machek <pavel@xxxxxxx> wrote:
> >> MOTIVATION
> >> 
> >> Since 2001 various anti-virus vendors have been providing
> >> out-of-tree solutions for online virus scanning. Although GNU/Linux
> >> systems currently are not targets of virus authors, many
> >> organizations are interested in online virus scanning on
> >> Linux-based servers in order to help protect Microsoft Windows
> >> clients. It is often argued that file scanning should be
> >> implemented in the various services (such as Samba, Apache, vsftpd,
> >> etc.), and indeed many such solutions have been
> >> implemented. However, there is a continued demand for a
> >> kernel-based solution because it can guard the entire filesystem
> >> independent from the types and numbers of services running on a
> >> system.
> >
> > Somewhere here you should mention that unlike other solutions that
> > work 100% of time, dazuko is be design racy and may still allow
> > viruses to be spread from linux system when mmap is used.
> 
> This thread is about DazukoFS. I feel there is no need to discuss
> previous incarnations of Dazuko, all of which share _no_ code with
> DazukoFS.
> 
> If you are aware of a race condition in DazukoFS, please report
> it. Thank you.

I'm surprised, do you claim there is none?

So how do you handle mmap(...MAP_SHARED) case? 
									Pavel
-- 
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/