Critical Linux security API is still a kludge

Categories: Linux, Linux desktop, Security. Last updated October 22, 2006

Think again… do you need anti-virus software for Linux?

THE TALK lately has centred on Vista’s security APIs, but Linux certainly needs improvements in this area, because AV vendors still rely on an external kernel module to implement “real time” file scanning.

Resident virus scanners need to intercept file access and allow or deny read operations on executable files only after a file’s safety has been determined. In the Linux world, a German company named “Avira GmbH” designed an API for “on-access” virus scanning: a kernel module intercepts file access calls and passes control to a third-party application, in this case the anti-virus scanner. According to the project’s web page, “Dazuko has been released as Free Software in order to allow users to compile the device driver for their own custom kernels”. The problem is that it’s not part of the current Linux kernel, so users must either rely on the Linux distributor’s willingness to ship pre-built binaries of the loadable kernel modules or, more often than not, compile such modules themselves.

Read more at theinquirer

Posted by: Vivek Gite

The author is the creator of nixCraft and a seasoned sysadmin and a trainer for the Linux operating system/Unix shell scripting. He has worked with global clients and in various industries, including IT, education, defense and space research, and the nonprofit sector.