Critical Linux security API is still a kludge (Inquirer)
Posted Oct 23, 2006 15:38 UTC (Mon) by nix
In reply to: Critical Linux security API is still a kludge (Inquirer)
Parent article: Critical Linux security API is still a kludge (Inquirer)
It also means that the things opening the files *block* until the dazuko-using application has gated access, which *at best* turns open() from a syscall requiring two ring transitions to one requiring four ring transitions and two context switches!
Doing this sort of thing using inotify is a total waste of time in the presence of network filesystems, SANs, and other filesystems that may be written by other than the local system.
But then this whole thing is a total waste of time anyway. Probably an LD_PRELOADed wrapper *is* the right thing: a wrapper wrapped specifically around WINE and those (very rare) other things that are actually at risk from Windows malware. Normally a clamav milter or something similar can do a better job anyway.
to post comments)