On-access virus checking in Samba
James Sutherland
jas88 at cam.ac.uk
Tue May 16 18:13:58 GMT 2000
On Tue, 16 May 2000, Simon Harrison wrote:
> Thanks for the information, but in this way bugs in the virus scanner can
> crash the kernel! Since virus scanners are non-trivial I wouldn't fancy
> having the stability issues of changing a kernel in this way. I suppose it
> depends on how it will be implemented.
NO! It doesn't involve plugging your virus scanner into the kernel.
It works in a similar way to strace et al - one process monitors another,
and gets told what that process is up to. We plan to extend this to allow
the monitoring process to modify parameters, change the return value, etc.
It shouldn't compromise the kernel in any way - the modifications
kernel-side are minimal.
> Samba gives a cross-platform solution, and I think the biggest threat is
> from networked Windows PCs (which are not likely to be running NFS clients).
> By patching Samba instead of the kernel I get to cover AIX, Solaris,
> FreeBSD, SCO etc...
True - provided it's a cross platform virus scanner :-)
Also, the PCs could well be running NFS clients - or Netware clients.
Equally, you could have Macs over AppleTalk or NCP, DOS clients using
Netware...
James.
More information about the samba-technical
mailing list