On Wed, 09 Jul 2008 20:25:27 +0200, Carlos E. R. wrote:
The Wednesday 2008-07-09 at 18:03 -0000, Jim Henderson wrote:
Yeah, so of course it makes no sense at all to spend time on implementing on-access scanning. Ever.
You are right, it doesn't make sense :-P
As I understand, it was implemented and then removed. It is not needed.
So, if I was going to be facetious, I'd say that AppArmor/SELinux also should be removed, since the only things changing files should be things the user is aware of, right? MAC is just an unneeded layer, since it takes effort on the user's part to change configuration settings and such. ;-)
You'd find there has been lots of discussions about AA between the kernel devs. I'm not even sure AA is on the main kernel yet, it wasn't for some time.
But AA serves a pourpose, O-A-S doesn't :-P
But if everything bad that happens to the system is caused by the user doing something stupid, then what's the purpose of AA above and beyond AV (in general) or OAS (specifically)? OAS and AV are tools to protect the user from themselves. So is AA. I fail to see the difference.
No, seriously, AA is seen to do protection now in Linux against some types of attacks. Antivirus no, not now, yet, and hopefully, never.
It's that *hopefully* part that worries me. It doesn't keep me up at night, but it is the idea that "we're invulnerable, no virus could ever hurt us" that is ultimately going to be seen as a challenge to the coders. When the user base is big enough to be a good target, I would expect to see more viruses written.
I understand it's more a kernel issue, so from the standpoint of implementing it, this is the wrong place to discuss the actual implementation.
Yes, but I suppose the dazuko people could (should!) argue that point with the kernel devs. I hope they did and lost, because the thought that they simply forgot to argue or did not notice the problem is worse. I, dunno.
Well, yes; the authors of the tool are the ones who should be having this debate. For me this is largely academic because - as you have said about yourself - viruses don't affect me on Linux.
The thing is they have been overrun by the train and left their users with their pants down. Bad on them, not the fault of suse as the OP claimed.
*This* I agree with. The only "fault" from the SUSE folks is that it was included even though it was broken. That shouldn't have happened.
Hopefully they will find some way to do they type of scanning you want, but that will take some time.
Yep, I understand that it will take time. The need isn't immediate, either. In my mind, it makes more sense to plan ahead so we don't hit a time where it *becomes* an immediate need and we all get caught with our pants down. Jim -- Jim Henderson Please keep on-topic replies on the list so everyone benefits -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org