Re: scanner interface proposal was: [TALPA] Intro to a linux interfacefor on access scanning (fwd)
From: david
Date: Mon Dec 01 2008 - 00:20:29 EST
On Mon, 1 Dec 2008, Enrico Weigelt wrote:
* Alan Cox <alan@xxxxxxxxxxxxxxxxxxx> wrote:
Fine. Why not just putting this into a userland filesystem ?
1. Performance
Does it really hurt so bad, compared with all actual AV stuff ?
It has to go to userland anyway, in case you don't intend to
put the scanner into the kernel ;-o
if you have to scan every file then you are right, the userland overhead
would be swamped by the scanner overhead. but much of the time you will be
accessing files that are already scanned or that you aren't going to scan,
but you would still be paying the userland penalty for the filesystem.
David Lang
2. Networked file systems
What's the problem ?
(btw: 9P already *IS* an network filesystem ;-P)
3. Ioctls
Ah, just forgot a while that this crap still exists ;-o
BUT: do the affected dirs have to contain devices ?
Is there any point for pulling /dev through the AV scanner ?
cu
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/