Critical Linux security API is still a kludge

Think again… do you need anti-virus software for Linux?

THE TALK lately has centred on Vista’s security APIs, but Linux certainly needs improvements in this area, because AV vendors still rely on an external kernel module to implement “real time” file scanning.

Resident virus scanners need to intercept file access and allow or deny read operations on executable files only after a file’s safety has been determined. In the Linux world, a German company called Avira GmbH designed an API for “on-access” virus scanning. It is based on a kernel module that intercepts file access calls and passes control to a third-party application, in this case the anti-virus scanner. According to the project’s web page, “Dazuko has been released as Free Software in order to allow users to compile the device driver for their own custom kernels”. The problem is that it is not part of the current Linux kernel, so users must either rely on their Linux distributor’s willingness to ship pre-built binaries of the loadable kernel module or, more often than not, compile the module themselves.

Read more at theinquirer
