Re: TALPA - a threat model? well sorta.

From: Arnd Bergmann
Date: Thu Aug 14 2008 - 09:02:41 EST


On Wednesday 13 August 2008, Alan Cox wrote:
> > So, what is it that anti-malware companies do?  They scan files.  That's
> > it.
>
> Good, so let's instead have a discussion about making the file event
> notification more scalable. That is the same thing I want for content
> indexing. It is the same thing you want for certain kinds of smart
> archiving, for on-line asynchronous backup and other stuff.
>
> It ought to be a simple clean syscall interface.

In this case, it seems to be the same kind of requirement that led to
dnotify and inotify, right?

So in order to get the third notification syscall interface right, the
obvious questions are:

1. How do you make it cleaner than inotify?
2. How do you make it more scalable than inotify?
3. Do you need it to do anything that inotify doesn't do, beyond 1. and 2.?

Arnd <><