RE: [malware-list] [RFC 0/5] [TALPA] Intro to alinuxinterfaceforon access scanning

[Press, Jonathan]

> -----Original Message-----
> From: Pavel Machek [mailto:pavel@xxxxxxx]
> Sent: Thursday, August 14, 2008 8:54 AM
> To: tvrtko.ursulin@xxxxxxxxxx
> Cc: Arjan van de Ven; Adrian Bunk; davecb@xxxxxxx; Greg KH; Press,
Jonathan;
> linux-kernel@xxxxxxxxxxxxxxx; linux-security-module@xxxxxxxxxxxxxxx;
malware-
> list@xxxxxxxxxxxxxxxx; Mihai Don??u
> Subject: Re: [malware-list] [RFC 0/5] [TALPA] Intro to
alinuxinterfaceforon access
> scanning
> 
> Hi!
> 
> Okay, so goal of libmalware.so is to "not allow data in the black list
> to pass through Linux server". Threat model is windows machines trying
> to copy infected files through the server. 

That's only part of the threat model.

> Viruses are not expected to have shell access to either root or normal

> users on the server.

That's a big exception.


> it actually _works_, 100% of time, for apps using it.

Again that's a big condition.


Jon Press
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/