On 2008-10-07, [EMAIL PROTECTED] wrote: > Do you know if there is way to hack antivir using this version of > dazukofs? antivir was ok with the previous version > (dazuko-2.3.5-nullfs-0.0.3).
The previous version (dazuko-2.3.5-nullfs-0.0.3) is based on the Dazuko 2.x code and model. That model was based on file names being passed to registered applications and registered applications being allowed free reign on the system. This has the following security issues: 1. path names are unreliable 2. giving free reign to any application is a bad idea DazukoFS 3 takes care of both of these issues by providing the registered application with a read-only, already opened file descriptor. This allows the registered application to scan the contents without ever having to open a file. Thus, the registered application does not require any more priviledges than any other application (except for accessing the DazukoFS device, of course). Since the new model represents a fundemental change in the way Dazuko works, it is not possible to "trick" Dazuko 2.x applications into using the DazukoFS 3.x interface. It would require adding backwards compatible hooks into DazukoFS (and I don't want to do that). I realize that for anti-virus vendors, adapting to the new DazukoFS requires some effort. That is why I made sure it was a completely separate interface. If a vendor wanted, they could easily support Dazuko and DazukoFS simultaneously, and choose whichever is available on the system. In my opinion, the changes required would be rather small. I know that Avira GmbH is currently evaluating DazukoFS. Once DazukoFS is officially released, perhaps they will include support for it in their on-access scanner. John Ogness _______________________________________________ Dazuko-devel mailing list [email protected] http://lists.nongnu.org/mailman/listinfo/dazuko-devel
